URL: https://freebie.cor-events.com/
Submission: On December 03 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 1 country across 8 domains to perform 27 HTTP transactions. The main IP is 75.101.134.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is freebie.cor-events.com.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.
This is the only time freebie.cor-events.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests, Apex Domain (subdomains indented), Transfer

8 flodesk.com — 1 MB
  assets.flodesk.com — Cisco Umbrella Rank: 18303
  form.flodesk.com — Cisco Umbrella Rank: 26078
  usercontent.flodesk.com — Cisco Umbrella Rank: 27733
5 gstatic.com — 100 KB
  fonts.gstatic.com
5 showit.co — 3 MB
  lib.showit.co — Cisco Umbrella Rank: 87060
  static.showit.co — Cisco Umbrella Rank: 70660
4 googleapis.com — 34 KB
  fonts.googleapis.com — Cisco Umbrella Rank: 29
  ajax.googleapis.com — Cisco Umbrella Rank: 340
2 facebook.net — 91 KB
  connect.facebook.net — Cisco Umbrella Rank: 168
1 facebook.com — 185 B
  www.facebook.com — Cisco Umbrella Rank: 98
1 cloudflare.com — 4 KB
  cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
1 cor-events.com — 9 KB
  freebie.cor-events.com
Total: 27 requests, 8 apex domains

Requests | Domain | Requested by
5 | fonts.gstatic.com | fonts.googleapis.com
4 | assets.flodesk.com | freebie.cor-events.com, assets.flodesk.com
3 | form.flodesk.com | assets.flodesk.com
3 | lib.showit.co | freebie.cor-events.com
3 | fonts.googleapis.com | freebie.cor-events.com, assets.flodesk.com
2 | static.showit.co | freebie.cor-events.com
2 | connect.facebook.net | freebie.cor-events.com, connect.facebook.net
1 | usercontent.flodesk.com |
1 | www.facebook.com | freebie.cor-events.com
1 | ajax.googleapis.com | freebie.cor-events.com
1 | cdnjs.cloudflare.com | freebie.cor-events.com
1 | freebie.cor-events.com |
Total: 27 requests, 12 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
freebie.cor-events.com | R3 | 2023-11-03 - 2024-02-01 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.showit.com | Amazon RSA 2048 M02 | 2023-07-11 - 2024-08-08 | a year
*.flodesk.com | Amazon RSA 2048 M02 | 2023-06-03 - 2024-07-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-12 - 2023-12-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 1 frame:

Primary Page: https://freebie.cor-events.com/
Frame ID: 30AA1CD942456A6CB3A9A38B38058198
Requests: 26 HTTP requests in this frame

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 12
IPs: 12
Countries: 1
Transfer: 4384 kB
Size: 5047 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
freebie.cor-events.com/
37 KB
9 KB
Document
General
Full URL
https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-134-27.compute-1.amazonaws.com
Software
/
Resource Hash
2c710c7533a3c87b64f5dc1ef53b15289aca859136b1cde3b8262846f75d2428

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 03 Dec 2023 19:41:42 GMT
etag
"c9f77eb00af06a0577c265c00a4453d5-gzip"
last-modified
Wed, 16 Feb 2022 15:22:01 GMT
vary
Accept-Encoding
x-showit
hosted
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Questrial:regular|Cormorant+Garamond:italic|Cormorant+Garamond:regular
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8360e04cfec5a6d5133189fa39701d7a3779b85cf3f311410b89868689de19d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 19:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 19:41:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 19:41:42 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/
54 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:41:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
286951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3203
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-d8e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLcr3rHzZhxMIaxijFSSdwiSiE%2BDrh4Uc1D0wkZL4B5lOxCniPFQL5NFIbeBADP7lNFcF4%2FcsW0i%2FJdytkk%2BUiPqB9OjuMTcM4beza%2BW8blwuSgQDp1YB8%2BXb4VypOvyBiqviF3k25sBYAY6LeJjCkNv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82fe49e3bbb45d10-MIA
expires
Fri, 22 Nov 2024 19:41:42 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 22:31:36 GMT
showit-lib.min.js
lib.showit.co/engine/1.4.8/
113 KB
38 KB
Script
General
Full URL
https://lib.showit.co/engine/1.4.8/showit-lib.min.js
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.146.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-146-13.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3747b4db2253c680e11f8d2724b44b6d1f15dddd0fefe3e6c64b074fa860fb5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 02:55:51 GMT
content-encoding
gzip
via
1.1 cc4f256bd87596ad19c279a0f0e0a4c0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Feb 2022 20:58:18 GMT
server
AmazonS3
x-amz-cf-pop
NRT51-C1
age
578752
etag
W/"a5982f6fdd0fc92940695ccc49105c6d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FeIEXnZA4jqMCGocMiVi-4GQIum6UDi7D-oq4ID6TLRnbcXlOmYpvQ==
showit.min.js
lib.showit.co/engine/1.4.8/
39 KB
13 KB
Script
General
Full URL
https://lib.showit.co/engine/1.4.8/showit.min.js
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.146.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-146-13.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
823cd3f415444b3feafca55f1fc751b3bd59a8fb380e66eabcd7337571573e2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 01:18:39 GMT
content-encoding
gzip
via
1.1 cc4f256bd87596ad19c279a0f0e0a4c0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Feb 2022 20:58:19 GMT
server
AmazonS3
x-amz-cf-pop
NRT51-C1
age
325384
etag
W/"fdba032e343478ff86b2079086e4e77b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
y2wGrQuUCzaE1KXFh7iXoqMpdXJO8Cs0PzuDF6Aojvx60WSbqA1LzQ==
showit.css
lib.showit.co/engine/1.4.8/
7 KB
3 KB
Stylesheet
General
Full URL
https://lib.showit.co/engine/1.4.8/showit.css
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.146.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-146-13.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ec6321cd1547b4109f7bb232828e0c4226fad265ace471975a25a4a537e6b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:08:26 GMT
content-encoding
gzip
via
1.1 cc4f256bd87596ad19c279a0f0e0a4c0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Feb 2022 20:58:19 GMT
server
AmazonS3
x-amz-cf-pop
NRT51-C1
age
174797
etag
W/"b08b91e3ac7b79395e48e02c6cc1ae17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
a-MXZiuyVGKRVV42FhfppSOINibbJhBWBNQl8q6SrBjK1FI5_1ooWA==
universal.mjs
assets.flodesk.com/
158 KB
61 KB
Script
General
Full URL
https://assets.flodesk.com/universal.mjs?v=850816200
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2112:e600:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71526258d9b32ae8086227e2eba70983bd87c814242d240361f36502099b30ad

Request headers

Referer
https://freebie.cor-events.com/
Origin
https://freebie.cor-events.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 19:41:44 GMT
Content-Encoding
gzip
Via
1.1 729d3631182d0e7182f06f9a779667de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT51-C1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Nov 2023 07:33:57 GMT
Server
AmazonS3
ETag
W/"3fafb511a2be693527cfcd75077cb25e"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, PUT, HEAD, POST, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
max-age=31536000
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id
bndItzFYjJm9cFxqCCuLKGBpHqmGmbRghOaG3fqfTiiWjCfnAupMCw==
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 19:41:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
cJm5DMLatrvyHhU8bXg9R3v/CjBdT+riMkx945LpWpgQ4YwldWdkjQAc/w+bn6wY31r53RuaGCF75anr9ZJaxQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial:regular|Cormorant+Garamond:italic|Cormorant+Garamond:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freebie.cor-events.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:09:45 GMT
x-content-type-options
nosniff
age
66718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Dec 2024 01:09:45 GMT
co3ZmX5slCNuHLi8bLeY9MK7whWMhyjYrEtImSo.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cormorantgaramond/v16/co3ZmX5slCNuHLi8bLeY9MK7whWMhyjYrEtImSo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial:regular|Cormorant+Garamond:italic|Cormorant+Garamond:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
effe3ef07d4e0d249d837344e70bdf50fc94ccc44870b02103dad9a75d4e003f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freebie.cor-events.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:04:03 GMT
x-content-type-options
nosniff
age
77860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21612
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:23:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 22:04:03 GMT
co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial:regular|Cormorant+Garamond:italic|Cormorant+Garamond:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freebie.cor-events.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 21:57:39 GMT
x-content-type-options
nosniff
age
78244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20648
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:18:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 21:57:39 GMT
3.png
static.showit.co/1600/TbJDhm5OS3CX9yzgjf9Q_w/131325/
1 MB
1 MB
Image
General
Full URL
https://static.showit.co/1600/TbJDhm5OS3CX9yzgjf9Q_w/131325/3.png
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-75.iad89.r.cloudfront.net
Software
nginx /
Resource Hash
b3ebf1340364decd3d114917b496959d89d756df5a75436f9514879da01f5377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:41:43 GMT
via
1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jan 2021 01:15:21 GMT
server
nginx
x-amz-cf-pop
IAD89-C1
etag
519c215816160812f9aa71aa15f3fa11
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
cache-control
max-age=86400
content-length
1418130
media-server
node
x-amz-cf-id
A53Vc5yqMo_UUJvKGznQ3_uGW9p1RtqxsAbQVOyTvpskX08U_Soi_Q==
4806889286072465
connect.facebook.net/signals/config/
139 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/4806889286072465?v=2.9.138&r=stable&domain=freebie.cor-events.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b6956aa2fdf0a2e42a8e46c7d8b242e211265c53d10853668eabf87d4965e22
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 19:41:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5bfXUX5UeFUVVsjMymuETTr5NcDxA/qBxxkHYnogOmCAM+H+MYH0ZrJItXjXowHJGbkQqmVdNofxPzsol+OHWQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=4806889286072465&ev=PageView&dl=https%3A%2F%2Ffreebie.cor-events.com%2F&rl=&if=false&ts=1701632503676&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701632503673.1408757767&cs_est=true&ler=empty&it=1701632503500&coo=false&rqm=GET
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 03 Dec 2023 19:41:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
3.png
static.showit.co/1600/TbJDhm5OS3CX9yzgjf9Q_w/131325/
1 MB
1 MB
Image
General
Full URL
https://static.showit.co/1600/TbJDhm5OS3CX9yzgjf9Q_w/131325/3.png
Requested by
Host: freebie.cor-events.com
URL: https://freebie.cor-events.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-75.iad89.r.cloudfront.net
Software
nginx /
Resource Hash
b3ebf1340364decd3d114917b496959d89d756df5a75436f9514879da01f5377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:41:43 GMT
via
1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jan 2021 01:15:21 GMT
server
nginx
x-amz-cf-pop
IAD89-C1
etag
519c215816160812f9aa71aa15f3fa11
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
cache-control
max-age=86400
content-length
1418130
media-server
node
x-amz-cf-id
_UalkvhVurana-ACz9u_0_hpfZBNWO5x3moe8xQl_CLUO4xJbZaOqA==
620a810bd328ec5152cf005f
form.flodesk.com/forms/
31 KB
5 KB
XHR
General
Full URL
https://form.flodesk.com/forms/620a810bd328ec5152cf005f
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=850816200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202f:de00:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9d18a97885869e961f37282cf03ad2ad811ea2bf5cbf32991f15ba9fe2aa92f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:41:44 GMT
content-encoding
gzip
via
1.1 bb12617acf6aeec34b4592560a9ef908.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C4
vary
Origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
vX-mbFYhYo7yzBqRjUD-X3omklKOeoV9QNj1onBApuQF5AF4-Ms2zQ==
css
fonts.googleapis.com/
5 KB
693 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cormorant:300,400,700&display=swap
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=850816200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4127ed901ab8c308cd39a9a3c4113fb5b4f9189aa5d98c090e0a9cd566afec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 19:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 19:22:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 19:41:45 GMT
helveticaneueltstd.css
assets.flodesk.com/
475 B
970 B
Stylesheet
General
Full URL
https://assets.flodesk.com/helveticaneueltstd.css
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=850816200
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2112:e600:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d5540ffc58ef3383a9ad5036ae5dfcb87b512b61ba53803347e772d705e3494

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 07:39:22 GMT
Via
1.1 c2d4dc2b9e3d88768037bd0f77e3d802.cloudfront.net (CloudFront)
Last-Modified
Thu, 03 Nov 2022 09:19:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT51-C1
Age
388944
ETag
"5070349e57da074063b330e7794d1aaa"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
475
X-Amz-Cf-Id
nsGUJkhlggwVCOOwpw6PBP1rQUu950-0cTfGg4TYVdffn0WCdZNmWg==
css
fonts.googleapis.com/
20 KB
1011 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=850816200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 19:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 18:38:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 19:41:45 GMT
312.fda53f2d79d475552a32.mjs
assets.flodesk.com/
32 KB
13 KB
Script
General
Full URL
https://assets.flodesk.com/312.fda53f2d79d475552a32.mjs
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=850816200
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2112:e600:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4da345d0a59b80f29122537bc5e007b74f532f3dede23fc82bbab48faf06c6c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 07:34:07 GMT
Content-Encoding
gzip
Via
1.1 8110bc7c6980a471e8c87441835f36be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT51-C1
Age
389259
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Nov 2023 07:33:22 GMT
Server
AmazonS3
ETag
W/"047e1461341e5b99eb9e5b1647b3df0e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
m6YjoseA9nWPvYYQs8OTgkO5lkn2ZcVKvaKcEwHL1f_6img5k6Fh0w==
650.580e29ede6657aee2d7e.mjs
assets.flodesk.com/
13 KB
5 KB
Script
General
Full URL
https://assets.flodesk.com/650.580e29ede6657aee2d7e.mjs
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=850816200
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2112:e600:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01406c7813ca723d8c2cfe2ea12b84ebb6a0f59f18157d0e6d8d78c6adbf3c48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 07:34:07 GMT
Content-Encoding
gzip
Via
1.1 6133b66ce11a5e1136cb19b9348a9c08.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT51-C1
Age
389259
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 29 Nov 2023 07:33:22 GMT
Server
AmazonS3
ETag
W/"3a3ecf4cc033c7692c44a4f976a76520"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Id
s2DqzLhp7HIemt_EodKqSnhhZl1thRmdhDEwUZNB0yn-2hAaKRrM-A==
2e601429-1a9d-4313-a55d-f46cbf8c8e13.png
usercontent.flodesk.com/7a6535c6-09ce-4d58-81fe-480cdc008537/upload/
1 MB
1 MB
Image
General
Full URL
https://usercontent.flodesk.com/7a6535c6-09ce-4d58-81fe-480cdc008537/upload/2e601429-1a9d-4313-a55d-f46cbf8c8e13.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:3800:16:5ccd:c900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e859057d21e244c239a67e43bc29f61eff4a4f91c86b62cebfac9730abb6be0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://freebie.cor-events.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 19:41:46 GMT
Via
1.1 3ffc96c97d8be4bd38d62dce94cb1db0.cloudfront.net (CloudFront)
Last-Modified
Mon, 14 Feb 2022 16:21:15 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Etag
"42bb24e89182bb4c595796aaa32abf5a"
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1265088
X-Amz-Cf-Id
1sV3OkFsMTjJ3qMkwoDIovur0WD39YDCTJjbjIBkPsi9Ukqolyg4Mw==
H4clBXOCl9bbnla_nHIq75u9.woff2
fonts.gstatic.com/s/cormorant/v21/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cormorant/v21/H4clBXOCl9bbnla_nHIq75u9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cormorant:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5553138957b1a7a87169ee4a2dbed5d66df20abbfcc9043e0f5cb38c19fd3eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freebie.cor-events.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:53:27 GMT
x-content-type-options
nosniff
age
398898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32316
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 20:59:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 04:53:27 GMT
pxiGyp8kv8JHgFVrLPTucHtA.woff2
fonts.gstatic.com/s/poppins/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrLPTucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c00::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9220f99b916978e5d7934b73be5ab91444871ba52a89032e4dd90e42b0a96e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freebie.cor-events.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 04:09:14 GMT
x-content-type-options
nosniff
age
55951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7484
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Dec 2024 04:09:14 GMT
events
form.flodesk.com/forms/620a810bd328ec5152cf005f/
0
0
Preflight
General
Full URL
https://form.flodesk.com/forms/620a810bd328ec5152cf005f/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202f:de00:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://freebie.cor-events.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 19:41:46 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 bb12617acf6aeec34b4592560a9ef908.cloudfront.net (CloudFront)
x-amz-cf-id
loLxIhgLSGhwirgHlXxiMmROR2q4WOYC_grLMP_25wsQFitzfZBuXQ==
x-amz-cf-pop
NRT51-C4
x-cache
Miss from cloudfront
events
form.flodesk.com/forms/620a810bd328ec5152cf005f/
5 B
274 B
XHR
General
Full URL
https://form.flodesk.com/forms/620a810bd328ec5152cf005f/events
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/650.580e29ede6657aee2d7e.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202f:de00:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
12cf623b335ff94b09f6ad5b8a1872467473da89059ac87ab383a8caee35d064

Request headers

Referer
https://freebie.cor-events.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 03 Dec 2023 19:41:46 GMT
via
1.1 bb12617acf6aeec34b4592560a9ef908.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C4
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
5
x-amz-cf-id
rGCGZBgiLNKex59ItcalQ_Js2J1bo4Sg-hsEEr9tqOCXwOMs2QGvAQ==

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
string| FlodeskObject
function| fd
function| fbq
function| _fbq
function| $
function| jQuery
function| webpackJsonp_name_
object| device
function| Waypoint
function| lazyload
function| _
function| showit-lib
object| showit
function| initPage
object| S5
object| webpackChunk_dev_assets

1 Cookies

Domain/Path Name / Value
.cor-events.com/ Name: _fbp
Value: fb.1.1701632503673.1408757767

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
