Submitted URL: http://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406
Effective URL: https://win.click2win4life.com/api/offer
Submission: On April 01 via api from US — Scanned from US

Summary

This website contacted 37 IPs in 2 countries across 26 domains to perform 75 HTTP transactions. The main IP is 172.67.206.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is win.click2win4life.com. The Cisco Umbrella rank of the primary domain is 539980.
TLS certificate: Issued by E1 on February 26th 2024. Valid for: 3 months.
This is the only time win.click2win4life.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

This site contains links to these domains.

Domain
content.click2win4life.com
click2win4life.com

Subject | Issuer | Validity | Valid
qckrtr.com | Amazon RSA 2048 M03 | 2024-01-21 - 2025-02-18 | a year
click2win4life.com | E1 | 2024-02-26 - 2024-05-26 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
trk-keingent.com | GTS CA 1P5 | 2024-03-28 - 2024-06-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
script.anura.io | Amazon RSA 2048 M03 | 2023-10-16 - 2024-11-13 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
ads.anura.io | Amazon RSA 2048 M01 | 2023-05-30 - 2024-06-27 | a year
www.bing.com | Microsoft Azure TLS Issuing CA 06 | 2024-04-01 - 2024-06-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-10 - 2024-04-09 | 3 months
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-23 - 2024-11-22 | a year
*.rfihub.net | Amazon RSA 2048 M03 | 2023-10-31 - 2024-11-28 | a year
*.rfihub.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-27 - 2024-04-27 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months
cylog.io | Amazon RSA 2048 M02 | 2023-05-22 - 2024-06-18 | a year

This page contains 4 frames:

Primary Page: https://win.click2win4life.com/api/offer
Frame ID: 8AE9B207B03091E7713D87BFD2A8D323
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=yfikmjcktcjg
Frame ID: 589E18E3202203B488A3769D79A3C4C3
Requests: 1 HTTP requests in this frame

Frame: https://20759045p.rfihub.com/ca.html?ver=9&rb=29330&ca=20759045&_o=29330&_t=20759045&pe=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&pf=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&ra=6165972624846092
Frame ID: 685E9E16B1481972FB6D4633F5696C61
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Frame ID: EC68460C4D946541560BC7BE6BD30973
Requests: 1 HTTP requests in this frame

Page Title

Click 2 Win 4 Life!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

75 Requests
99 % HTTPS
37 % IPv6
26 Domains
38 Subdomains
37 IPs
2 Countries
1151 kB Transfer
3173 kB Size
62 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406 HTTP 307
    https://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406 HTTP 302
    https://fastlnd.com/ep.php/JK-ezgay:76236/69179:4203.klnsd660b408b0000fb8d HTTP 302
    https://qckrtr.com/cr.php?cid=1150&EML=&meta Page URL
  2. https://smd4.com/ep.php/wif1a:80739/1000:RTEUS?EX1=&crpx=KU3K040183852 HTTP 302
    https://go.whatifoffers.com/4Z3KW8Z/51GJL6/?sub1=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&sub3=blf1000.47869-22607.RTEUS&sub5= HTTP 302
    https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&aff_sub2=&ha_transaction_id=3d29eea4373f4adcac5914df47877e8e&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age= Page URL
  3. https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&aff_sub2=&ha_transaction_id=3d29eea4373f4adcac5914df47877e8e&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age= HTTP 302
    https://win.click2win4life.com/api/offer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406 HTTP 307
  • https://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406 HTTP 302
  • https://fastlnd.com/ep.php/JK-ezgay:76236/69179:4203.klnsd660b408b0000fb8d HTTP 302
  • https://qckrtr.com/cr.php?cid=1150&EML=&meta
Request Chain 1
  • https://smd4.com/ep.php/wif1a:80739/1000:RTEUS?EX1=&crpx=KU3K040183852 HTTP 302
  • https://go.whatifoffers.com/4Z3KW8Z/51GJL6/?sub1=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&sub3=blf1000.47869-22607.RTEUS&sub5= HTTP 302
  • https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&aff_sub2=&ha_transaction_id=3d29eea4373f4adcac5914df47877e8e&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
Request Chain 60
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8A76AEA575C44A0AA403ED660CA4DE31&RedC=c.clarity.ms&MXFR=3626234486AD61532C70371082AD6FC7 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A76AEA575C44A0AA403ED660CA4DE31&MUID=301FE6A0E9F269493A61F2F4E87D68AA

75 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
cr.php
qckrtr.com/
Redirect Chain
  • http://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406
  • https://pajvg.imitrkin.net/?utm_source=41852cce7669bb81&s1=4203&s2=164406
  • https://fastlnd.com/ep.php/JK-ezgay:76236/69179:4203.klnsd660b408b0000fb8d
  • https://qckrtr.com/cr.php?cid=1150&EML=&meta
403 B
597 B
Document
General
Full URL
https://qckrtr.com/cr.php?cid=1150&EML=&meta
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.218.159.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-218-159-153.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4c00b27a7baa50a2abff0a81656f4d40bc8a2f62e647b864ac778f6cfb3702eb

user
win.click2win4life.com/api/
Redirect Chain
  • https://smd4.com/ep.php/wif1a:80739/1000:RTEUS?EX1=&crpx=KU3K040183852
  • https://go.whatifoffers.com/4Z3KW8Z/51GJL6/?sub1=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&sub3=blf1000.47869-22607.RTEUS&sub5=
  • https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&aff_sub2=&ha_transaction_id=3d29ee...
859 B
1 KB
Document
General
Full URL
https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&aff_sub2=&ha_transaction_id=3d29eea4373f4adcac5914df47877e8e&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048f4b8cc241ef4374c3f31453d6bc64c32ab8fbfed7011a2940b9396089752f

Primary Request offer
win.click2win4life.com/api/
Redirect Chain
  • https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de&aff_sub2=&ha_transaction_id=3d29ee...
  • https://win.click2win4life.com/api/offer
33 KB
9 KB
Document
General
Full URL
https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1450f687fc3e17e82651591c16719585386860f5bd5d545b48fbf53c4c1c1159

css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;500&family=Roboto:wght@400;500;700&display=swap
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99da250fb4c5d727c5014b53fbde6aa9f3ce2125d62cc6b10c83f69df30e5f5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.0/css/
156 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.0/css/bootstrap.min.css
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2909c3fc03c4c6b40108470d87ee304c156f8247331f61e230f85ef1ea5735
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/
233 KB
63 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/
34 KB
8 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

jquery.validate.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/
49 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be18bc4f0ddf05cf8bf13e96bf167fae6741d00c01a950edc5cf2b90afd5ba17
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

extend.js
d3v7hbq4afry8x.cloudfront.net/js/
555 B
915 B
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/extend.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48ff4d35619e8050868c59b2bc61dc421e0d9659feea95aa5a88f5e0d8eb401f

moment.js
d3v7hbq4afry8x.cloudfront.net/js/
139 KB
30 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/moment.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8080393095c82a2c9d58a8ccd7ba45356ba6dd4aef7e59f8657b28a5acb9ded

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:50:35 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:49 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
59219
etag
W/"9f9f17b1ad6cbf5a6ba1e14a67c16a53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-cf-id
O3SJNEt60grr3iWbYFOKCPK0jzHO7GSPwVJeIHcT2ZmSgS_yKk4hpA==
x-amz-meta-s3b-last-modified
20170303T184137Z
BrowserDetect.js
d3v7hbq4afry8x.cloudfront.net/js/
4 KB
2 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/BrowserDetect.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f02da6857982077377db2a8e8556871fc2d529af01fc63de0b95d2871d1d9ab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:51:48 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:48 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
59146
etag
W/"ec2998a1fb25db329f5052cc6e7d52d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LX-QRqKlVp6SrGJ3sRlVZ8ZgcLtQScNj54wYTyNa0h1tt9JKeGdn3w==
x-amz-meta-s3b-last-modified
20170303T184139Z
RegPath-v3.0.js
d3v7hbq4afry8x.cloudfront.net/js/
26 KB
6 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/RegPath-v3.0.js?rev=508
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b271493e02f812925465289a842f6fc816f0217854b480a2d6b5890747c17b0f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 04:02:01 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 12:42:34 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
69333
etag
W/"96fabdd68a0a8491699e891eb57e59e8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Y2kxUr8-lQuMsIaYoSQqHT9peh4xmOZIx3k-osORbYgkZxks7Mtc_A==
RegPath.Pixel.js
d3v7hbq4afry8x.cloudfront.net/js/
2 KB
1018 B
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/RegPath.Pixel.js?rev=201704101403
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27936a751999f3f01d190358eb3a2ef797363d02db18ad953926a21a0f3b5a8c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:51:48 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Tue, 26 Apr 2022 16:09:59 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
59146
etag
W/"4a14569c51e06c85ff11e1ecc9cc94f9"
vary
Accept-Encoding
x-amz-meta-sha256
27936a751999f3f01d190358eb3a2ef797363d02db18ad953926a21a0f3b5a8c
content-type
application/javascript
x-cache
Hit from cloudfront
x-amz-cf-id
sZsjw_nHVFt5AghRWZESK9W9yy5R344q7egNihFSoqMTOvZR5Q4O0A==
x-amz-meta-s3b-last-modified
20220426T160939Z
jquery.cookie.min.js
d3v7hbq4afry8x.cloudfront.net/js/
1 KB
1 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/jquery.cookie.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c63e33c4b366a32852b7b7dc6d1219ab968322cd4984c57c37e2ad2e8c0f40a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:56:41 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:48 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
58853
etag
W/"8b099a68e388ea56b90df9abf7b71466"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
A3ed4kH-73cooNjxBW5mNo_VZu1BFLM7nsoVlzu4wx5wflTddghyAw==
x-amz-meta-s3b-last-modified
20170303T184137Z
RegPath.Functions.js
d3v7hbq4afry8x.cloudfront.net/js/
18 KB
4 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/RegPath.Functions.js?rev=20190131
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9f929ab4efbdc16890f6b6b7e966d49d2004d2bfb2ab26c3d1d93ac0bb4db0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:47:02 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Thu, 30 May 2019 19:08:48 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
59431
etag
W/"84d6e60deef28fbe203c67622a90c769"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IHIQAkWHGTey1_TPoJhXgx1-KGUvV86S7ZFmyTIvTG7z7bzASXO7_w==
x-amz-meta-s3b-last-modified
20190530T190844Z
jquery.mask.min.js
d3v7hbq4afry8x.cloudfront.net/js/
9 KB
4 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/jquery.mask.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a1865a0591bbdc6fb8464f7c1dcf6406dab9e64988c7d5fb33c95c31738716b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:50:35 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2017 11:48:16 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
59219
etag
W/"6a4c6cafe964acba8d9414f00553e62a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Dnfe--6I7dP7-RJ2zaHvtHxmpHMvg2BqBjlUkBpHLxjXElcMmgZdaQ==
x-amz-meta-s3b-last-modified
20170216T125457Z
api.js
www.google.com/recaptcha/
1 KB
856 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f99.1e100.net
Software
GSE /
Resource Hash
15347086a4c3f7a12d7ae800fa711b988a1c1c1572262d53b9295d1e1a089e8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Apr 2024 23:17:33 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
14 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
Origin
https://win.click2win4life.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
2870323
cdn-cachedat
10/31/2023 18:51:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
40709eb9e81799424db0ce7cfd190f94
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86dc4b137cd23987-YYZ
cdn-requestpullsuccess
True
c2w_ani_logo.gif
whatif-assets-cdn.s3.amazonaws.com/images/c2w/
204 KB
204 KB
Image
General
Full URL
https://whatif-assets-cdn.s3.amazonaws.com/images/c2w/c2w_ani_logo.gif
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.54.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
294de811b09282b78945dcf5ef810d60f32795e61da9781c22d7162d92904af3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 23:17:34 GMT
Last-Modified
Tue, 20 Jul 2021 19:15:28 GMT
Server
AmazonS3
x-amz-request-id
XX5409Y7FEK3APVM
ETag
"dd37701b2e07b044ce399a0cb8036d77"
Content-Type
image/gif
x-amz-storage-class
INTELLIGENT_TIERING
Accept-Ranges
bytes
Content-Length
208545
x-amz-id-2
VuOSQt4yTls9RvLnQKmxLyzTaW74jpMGm6oduISyEoeXU4KIwH55uPCB6DgK0Yhu71SzDmmGbGc=
numberpicker.css
d3v7hbq4afry8x.cloudfront.net/css/c2w/
12 KB
3 KB
Stylesheet
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/css/c2w/numberpicker.css?rev=0017
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5380c18aca8e3719187a17910034e7b6baaed15f02729cc9f1896498c3805295

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 19:06:43 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 17:39:22 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
15050
etag
W/"6c11c396cf7d827c74899e2a85b1ad60"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
-mnF7ZJL9LqFDyaMkaoE-0IWf_mXIeSpa1R4hXd68MJ4Go-eq3zdCQ==
elastic-apm-rum.umd.min.js
d3v7hbq4afry8x.cloudfront.net/js/
56 KB
19 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 07:10:37 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 17:22:27 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
58017
etag
W/"499a90f20515ce3b24663e9cf790a374"
vary
Accept-Encoding
x-amz-meta-sha256
c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e
content-type
application/javascript
x-cache
Hit from cloudfront
x-amz-cf-id
BqiJsKfV2foQLvbELvREgiAjboLKhU1H56jOYW52kQtbjK8TZSxGHg==
x-amz-meta-s3b-last-modified
20210210T172039Z
gtm.js
www.googletagmanager.com/
278 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75b6d0a20290ec463874a0367dbdc8f89403057f3af53f49d1b3fabf890a9153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99077
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 22:30:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Apr 2024 23:17:33 GMT
w6g0k83e9m
trk-keingent.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-keingent.com/scripts/push/script/w6g0k83e9m?url=win.click2win4life.com&alturl=/api/offer
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ed6c7fd6b257bb60d242642599998eba9ab3245923aab0dc130847e2171294
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3384
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 01 Apr 2024 22:21:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G654XFkzOJdcFp2CUbKxlsbJnfue5D9B0CH1CQFmvBofbwv5oxALgklf%2BgZNwNjT89AUb%2BeLVsdctgQ6iTSxxpvxxB%2FN79kCpl8QQ31hReH%2FO9UguAEeZkj3lJjDwRXQPyow"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86dc4b14f97d5e7d-EWR
expires
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;500&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://win.click2win4life.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:06:23 GMT
x-content-type-options
nosniff
age
486670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 08:06:23 GMT
request.js
script.anura.io/
57 KB
21 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=1983232990&source=35&campaign=2447&exid=1af1f75fd74e10948f51e86e328628da&270468613820
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.227.44.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-44-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d8e4f893bbafe23da4d716cb72b55b2e859f117ff771fffa769b098801c70520
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 21:31:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6378
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Apr 2024 23:31:15 GMT
collect
www.google-analytics.com/j/
16 B
227 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1309073556&t=pageview&_s=1&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&ul=en-us&de=UTF-8&dt=Click%202%20Win%204%20Life!&sd=24-bit&sr=800x600&vp=1600x1113&je=0&cn=MetaLanding&cs=2447&cm=NA&ck=NA&cc=NA&_u=YEBAAEABAAAAACAAI~&jid=1429614121&gjid=395766553&cid=118698408.1712013454&tid=UA-104092376-1&_gid=60173297.1712013454&_r=1&_slc=1&cd2=11294302&cd1=1af1f75fd74e10948f51e86e328628da&z=1800391701
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bfc092ad4114d6a34ad066bbeadde46d16deb79ac5f91fc8470eca6b7deb67b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/
499 KB
199 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
Origin
https://win.click2win4life.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203410
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 04:00:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Apr 2025 18:44:38 GMT
collect
stats.g.doubleclick.net/j/
2 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-104092376-1&cid=118698408.1712013454&jid=1429614121&gjid=395766553&_gid=60173297.1712013454&_u=YEBAAEAAAAAAACAAI~&z=2052272497
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 01 Apr 2024 23:17:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
323 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N3S3KMLTMB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
400422eff40aadb8edfd76c685896ed587a8e07ce598ee8da54ed530303383c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108575
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Apr 2024 23:17:33 GMT
showads.js
ads.anura.io/
0
352 B
XHR
General
Full URL
https://ads.anura.io/showads.js?190396746332
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-79.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:04:28 GMT
content-encoding
gzip
via
1.1 f300b5f0c0ff51593fb31953294424c0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL51-P1
age
61985
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
qjqG0NYeaoNahBmRmnoL3nSFuy44vuKIMPqi_94Nt4aYwQs9OxRVZw==
js
www.googletagmanager.com/gtag/
302 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d14108bca2ebfa6aa82f83526b101e9fa9cf63d073c5e00cb3c4da42f9983952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102602
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Apr 2024 23:17:33 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 01 Apr 2024 23:17:33 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AD86A14CB89949AB965E70A777720D48 Ref B: NYCEDGE1715 Ref C: 2024-04-01T23:17:33Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13280
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Apr 2024 23:17:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
1LJotPdLmUL7ZxcVsih2KARYZwLVjXG+MRYIF/By37WIRy7NgSDgnGft+fMPSE6Ul2ugqwme/ujGZDBTPpuS2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1525342/
69 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1525342/tfa.js
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3f21801936d963efa76d6df3007339e7a2fcb24c5c85e0f1dd40de5383d1310

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dB0wcctbfbfnT2N267rlRs2B5Klhw3PN
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 Apr 2024 23:17:33 GMT
x-amz-request-id
DK0B7YH0KXAFADG3
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21511
x-amz-id-2
JnrpiAFRcL96lfMITRO+XJCl9ZI2pJ3emoNRR3R95RfnDrJ6CP2kLdvTgsfnRKf89yeWX7NpinE=
x-served-by
cache-yyz4534-YYZ
last-modified
Sun, 31 Mar 2024 11:17:13 GMT
server
AmazonS3
x-timer
S1712013454.880189,VS0,VE49
etag
"49282058768cbb2dfb6ee04d6d9268a7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
31
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 22:56:01 GMT
content-encoding
gzip
via
1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
last-modified
Mon, 01 Apr 2024 22:55:51 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
PHL50-C1
age
1292
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
VvolHlP9UYCE2IIkydcV8U2-QdbYiUv33QipVOpQqU8TVDjxq5GSsA==
expires
Mon, 01 Apr 2024 23:56:01 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-104092376-1&cid=118698408.1712013454&jid=1429614121&_u=YEBAAEAAAAAAACAAI~&z=935154357
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
259 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N3S3KMLTMB&gtm=45je4410v897481038za200&_p=1712013453211&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=800x600&cid=118698408.1712013454&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dt=Click%202%20Win%204%20Life!&cn=MetaLanding&cs=2447&cm=NA&ck=NA&cc=NA&sid=1712013453&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=11294302&ep.ua_dimension_1=1af1f75fd74e10948f51e86e328628da&tfd=992
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3S3KMLTMB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N3S3KMLTMB&cid=118698408.1712013454&gtm=45je4410v897481038za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3S3KMLTMB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
57dkkvk4dw
event.trk-keingent.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.135.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86dc4b1798d141bd-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 01 Apr 2024 23:17:34 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FxemHJGbM3W7ESS%2B2Q0608dNjTV9EKPxipY1940O13dOam%2F4h71NUN2UtvwiFZQpSammdrkDDw%2BWJ7ksxGoqkb%2BBTrxTmSSAwkD8ScVF5AfpSnB3LH%2FMLpXcXKuYblTX4mruPrsNrFj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
57dkkvk4dw
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.135.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 01 Apr 2024 23:17:34 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jeHuy6Mt%2FVJvHhDvrNa1nGg0xrPs%2B9vewDVBfEjTwuLoLRf51yctfx8VVdoAubLrcXCJ79LR03dF%2F4WaqSuVcFiW0CJogZUO02MvHhwTQGFsM2pF85u4TnkitsW3Kt8EmUIdDcbDpZhI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86dc4b17e94b41bd-EWR
x-pushplatformapp-params
anchor
www.google.com/recaptcha/api2/ Frame 589E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=yfikmjcktcjg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NuX-5VCaIhOUfTwXxnIwVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.click2win4life.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NuX-5VCaIhOUfTwXxnIwVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Apr 2024 23:17:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TSC3CVVXJJ&gtm=45je4410v897480540z876106557za200&_p=1712013453211&gcd=13l3l3l3l1&npa=0&dma=0&cid=118698408.1712013454&ecid=103843486&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712013454&sct=1&seg=0&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dr=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&dt=Click%202%20Win%204%20Life!&en=emailLandingView&_et=2&tfd=1203
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TSC3CVVXJJ&gtm=45je4410v897480540z876106557za200&_p=1712013453211&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=118698408.1712013454&ecid=103843486&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_s=2&sid=1712013454&sct=1&seg=0&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dr=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&dt=Click%202%20Win%204%20Life!&en=page_view&_fv=1&_ss=1&tfd=1204
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TSC3CVVXJJ&cid=118698408.1712013454&gtm=45je4410v897480540z876106557za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1525342/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1525342/trc/3/json?tim=1712013454102&data=%7B%22id%22%3A24%2C%22ii%22%3A%22%2Fapi%2Foffer%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1712013454095%2C%22cv%22%3A%2220240331-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer%3F%22%2C%22e%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dwhatifholdingsllc-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1712013454100%2C%22ref%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D%22%2C%22item-url%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1525342/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12368f139bc8150c1567442d0f5f71bd8bcc4c7b15d334259d74dcbe910731c2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
24
date
Mon, 01 Apr 2024 23:17:34 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
11904
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4534-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1712013454.117555,VS0,VE24
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
1152826321572698
connect.facebook.net/signals/config/
55 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1152826321572698?v=2.9.151&r=stable&domain=win.click2win4life.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2b4bf039459dc2dc6edc0c959ea39fbe309712486aadaa4c1744469e909771d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Apr 2024 23:17:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11635
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=63, mss=1294, tbw=63158, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
k5UNPIA7QZMZH1QCKSt7zTG9/KA21akUEVZsy13prPVFpfwLNn/ov/PuzIePoXyWXSfsz77bg/2P7I2b4eFoWg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
283006946.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/283006946.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
401a27a0d77d23a54474f83f162b77ae0267038cbde300820577ecc1989412af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 01 Apr 2024 23:17:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69F42F468230461089F3EDB93E5BB624 Ref B: NYCEDGE1715 Ref C: 2024-04-01T23:17:34Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/
0
358 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=283006946&tm=gtm002&Ver=2&mid=58975984-04db-4d02-9ee0-68a094771fd1&sid=055a3ff0f07e11eea4db8d7a7f580354&vid=055a8c60f07e11ee908adbd0f5c69a31&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Click%202%20Win%204%20Life!&p=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&r=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&lt=645&evt=pageLoad&sv=1&rn=532783
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 01 Apr 2024 23:17:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E062506866824E109B762980455496B9 Ref B: NYCEDGE1715 Ref C: 2024-04-01T23:17:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca.html
20759045p.rfihub.com/ Frame 685E
0
0
Document
General
Full URL
https://20759045p.rfihub.com/ca.html?ver=9&rb=29330&ca=20759045&_o=29330&_t=20759045&pe=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&pf=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&ra=6165972624846092
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer
https://win.click2win4life.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache
Content-Length
5207
Content-Type
text/html;charset=utf-8
Date
Mon, 01 Apr 2024 23:17:34 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
response.json
script.anura.io/
43 B
397 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.227.44.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-44-100.compute-1.amazonaws.com
Software
nginx /
Resource Hash
910eb3c2ccc4b6c5da0c24e005dbc2da0d7cca3bd3d56af1b8f43652ef8aa001
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1525342/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 Apr 2024 23:17:34 GMT
x-amz-request-id
Q89PZAPY13C01VBS
age
2908
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by
cache-yyz4534-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1712013454.245705,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
89
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4690
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1525342/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 Apr 2024 23:17:34 GMT
x-amz-request-id
F0ERNPAEKW73Z8P2
age
14428
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by
cache-yyz4534-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1712013454.245980,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
77
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
18320
283006946
www.clarity.ms/tag/uet/
829 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/283006946
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/283006946.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:a::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff28aac77f813f9d3104349254acf827ad8747eb3fb939eddba8de0898c92f24

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Mon, 01 Apr 2024 23:17:33 GMT
x-azure-ref
0jkALZgAAAACfmluSWDylSbKUedt1oYHZRE0yQUExMDkxMjA3MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
829
expires
-1
262452210906160
connect.facebook.net/signals/config/
20 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/262452210906160?v=2.9.151&r=stable&domain=win.click2win4life.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104%2C182%2C181%2C183%2C188%2C189%2C190%2C186%2C178%2C121%2C149%2C177%2C179%2C112%2C143%2C134%2C138%2C118%2C173%2C214%2C105%2C215%2C151%2C109%2C132%2C125%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
ee3be12b8f67454da3be2dbc5b3bf3944895c63f7ee50f32dc4051e876c83be6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Apr 2024 23:17:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2720
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4313, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
tFGPB05waX15mCTmbrMsampBdA8d1v15zfcAEzc5+4BUlmbqmTcmjH5veOQKNr8OhNs0pshUP3BMqdYpgxGYEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1152826321572698&ev=PageView&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&rl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&if=false&ts=1712013454242&sw=800&sh=600&v=2.9.151&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712013454241.438285089&cdl=API_unavailable&it=1712013454118&coo=false&rqm=GET
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1294, tbw=2772, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 Apr 2024 23:17:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
pips.taboola.com/
64 B
245 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
764f44a3a9c7a36c4e529923731f9a1d6aa31b8ff73a5dc120023302b81c5762

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-lga21928-LGA
date
Mon, 01 Apr 2024 23:17:34 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=262452210906160&ev=PageView&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&rl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&if=false&ts=1712013454281&sw=800&sh=600&v=2.9.151&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712013454241.438285089&cdl=API_unavailable&it=1712013454118&coo=false&rqm=GET
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1294, tbw=2772, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 Apr 2024 23:17:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e&uad=8f350e4e4d08294a36f7e73e2d3ba0e730e9838aa09381ad77f15543631c9aa1&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTIzLjAuNjMxMi44Ng==&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTIz&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTIz&mbl=ZmFsc2U=
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 01 Apr 2024 23:17:34 GMT
cache-control
no-store
server
nginx
clarity.js
www.clarity.ms/s/0.7.26/
60 KB
20 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.26/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/283006946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:a::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:17:33 GMT
content-encoding
br
last-modified
Mon, 01 Apr 2024 13:40:06 GMT
etag
"0x8DC52513DD96806"
x-azure-ref
0jkALZgAAAADAVoPiIQ45QZFOzZhBhdU/RE0yQUExMDkxMjA3MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3f91babd-601e-0050-5983-84ec8b000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8A76AEA575C44A0AA403ED660CA4DE31&RedC=c.clarity.ms&MXFR=3626234486AD61532C70371082AD6FC7
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A76AEA575C44A0AA403ED660CA4DE31&MUID=301FE6A0E9F269493A61F2F4E87D68AA
42 B
466 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A76AEA575C44A0AA403ED660CA4DE31&MUID=301FE6A0E9F269493A61F2F4E87D68AA
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://win.click2win4life.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:34 GMT
last-modified
Fri, 01 Mar 2024 22:54:06 GMT
server
Microsoft-IIS/10.0
etag
"8573f85c2b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 58385513E8A64DB2962317A3B8ECE63E Ref B: NYCEDGE1715 Ref C: 2024-04-01T23:17:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A76AEA575C44A0AA403ED660CA4DE31&MUID=301FE6A0E9F269493A61F2F4E87D68AA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
bframe
www.google.com/recaptcha/api2/ Frame EC68
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=moV1mTgQ6S91nuTnmll4Y9yf&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IBUGLe0yxqWGVUlWXw_4Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.click2win4life.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IBUGLe0yxqWGVUlWXw_4Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Apr 2024 23:17:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
C2W-favicon.png
d3v7hbq4afry8x.cloudfront.net/favicons/
2 KB
2 KB
Other
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/favicons/C2W-favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61e5882ed4728bbeca31cf631770eb39565518e01c8078796f4e8d4f95e5fed2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 18:17:37 GMT
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Thu, 03 Feb 2022 14:15:05 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
17998
etag
"6552276e8e83c7ef39f40a4b57e3e8bf"
x-amz-meta-sha256
61e5882ed4728bbeca31cf631770eb39565518e01c8078796f4e8d4f95e5fed2
content-type
image/png
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
1823
x-amz-cf-id
f8vms-uL2sHfUvhARiRl7pM_nu0jxZMdwFCLpDEuO4lF7qByREh_Xw==
x-amz-meta-s3b-last-modified
20220203T141317Z
collect
a.clarity.ms/
0
302 B
XHR
General
Full URL
https://a.clarity.ms/collect
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://win.click2win4life.com
Date
Mon, 01 Apr 2024 23:17:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
57dkkvk4dw
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.135.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 01 Apr 2024 23:17:35 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljy9iHoiGyNPmq9kAvbqwpqd2f5Z70LA1lOplpT2O9CFhMMnaiRba7I9djf57LvaGUIfij%2FR9C0I0VTuB2K3vxvK42sqp0A6ah5LPGkEg%2Fg3mZI8rJy0tC8F0MezRRMzeNCcEyFq59Hu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86dc4b204bb241bd-EWR
x-pushplatformapp-params
57dkkvk4dw
event.trk-keingent.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.135.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86dc4b1ffb5141bd-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 01 Apr 2024 23:17:35 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaE8%2BjNNARlecmDynngYaj1uTZQNU%2BcTbJytDBCXqeXEp2xukjmIiMP%2FNyUGS09HctnOLPK4b7AwazEd9Q4NFBOUqEAJKjns%2Fpi%2FE4jEnOXYDaDDr8qF9HNdsoqGF0Rnyst3TqTYDuzV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
unip
trc-events.taboola.com/1525342/log/3/
0
629 B
XHR
General
Full URL
https://trc-events.taboola.com/1525342/log/3/unip?en=pre_d_eng_tb&tos=1630&scd=0&ssd=1&est=1712013454098&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1712013455728&vi=1712013454095&ri=1a74f43410ad9ef7b321613beb1393d7&sd=v2_e96c94ff31dda3d1f45f769e0612ef88_c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e_1712013454_1712013454_CIi3jgYQ3oxdGI_W0N_pMSABKAEw4QE4kaQOQMzrD0jd2NsDUIsEWABgAGiOu9DJnZuYkHNwAQ&ui=c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e&ref=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&cv=20240331-5-RELEASE&item-url=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
pragma
no-cache
date
Mon, 01 Apr 2024 23:17:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
events
apm.cylog.io/intake/v2/rum/
0
109 B
XHR
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.38.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-38-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Content-Encoding
gzip
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-ndjson
Referer
https://win.click2win4life.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
date
Mon, 01 Apr 2024 23:17:36 GMT
x-content-type-options
nosniff
content-length
0
events
apm.cylog.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.38.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-38-11.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://win.click2win4life.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Mon, 01 Apr 2024 23:17:36 GMT
vary
Origin
x-content-type-options
nosniff
collect
a.clarity.ms/
0
302 B
XHR
General
Full URL
https://a.clarity.ms/collect
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://win.click2win4life.com
Date
Mon, 01 Apr 2024 23:17:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
events
apm.cylog.io/intake/v2/rum/
0
109 B
XHR
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.38.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-38-11.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Content-Encoding
gzip
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-ndjson
Referer
https://win.click2win4life.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
date
Mon, 01 Apr 2024 23:17:36 GMT
x-content-type-options
nosniff
content-length
0
events
apm.cylog.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.38.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-38-11.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://win.click2win4life.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Mon, 01 Apr 2024 23:17:36 GMT
vary
Origin
x-content-type-options
nosniff
unip
trc-events.taboola.com/1525342/log/3/
0
628 B
XHR
General
Full URL
https://trc-events.taboola.com/1525342/log/3/unip?en=pre_d_eng_tb&tos=4631&scd=0&ssd=1&est=1712013454098&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1712013458730&vi=1712013454095&ri=1a74f43410ad9ef7b321613beb1393d7&sd=v2_e96c94ff31dda3d1f45f769e0612ef88_c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e_1712013454_1712013454_CIi3jgYQ3oxdGI_W0N_pMSABKAEw4QE4kaQOQMzrD0jd2NsDUIsEWABgAGiOu9DJnZuYkHNwAQ&ui=c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e&ref=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&cv=20240331-5-RELEASE&item-url=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
pragma
no-cache
date
Mon, 01 Apr 2024 23:17:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TSC3CVVXJJ&gtm=45je4410v897480540za200&_p=1712013453211&gcd=13l3l3l3l1&npa=0&dma=0&cid=118698408.1712013454&ecid=103843486&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=3&sid=1712013454&sct=1&seg=0&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dr=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D6d2d4fbe-1632-4ba6-ac63-0c5f6309d0de%26aff_sub2%3D%26ha_transaction_id%3D3d29eea4373f4adcac5914df47877e8e%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&dt=Click%202%20Win%204%20Life!&en=scroll&epn.percent_scrolled=90&_et=31&tfd=6235
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 23:17:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onpagereveal string| s_user_email object| dataLayer string| session_id number| z function| nr_pageview string| domain string| img_name object| link function| $ function| jQuery function| extend function| moment object| BrowserDetect function| recaptchaOnSuccess object| RegPath object| $jscomp object| bootstrap object| selnbs boolean| pop function| updateSelNb function| quick function| quick_clear function| pick function| validate function| errorAlert string| GoogleAnalyticsObject function| ga object| elasticApm function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Anura function| postscribe object| google_tag_manager_external object| google_tag_manager function| fbq function| _fbq object| _tfa function| _rfi object| googletag function| onYouTubeIframeAPIReady object| recaptcha object| closure_lm_863760 function| UET function| UET_init function| UET_push function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| ueto_e0fe2fa298 object| uetq function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| clarity object| clarityuetq

62 Cookies

Domain/Path Name / Value
.taboola.com/whatifholdingsllc-sc/ Name: taboola_session_id
Value: v2_e96c94ff31dda3d1f45f769e0612ef88_c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e_1712013454_1712013454_CIi3jgYQ3oxdGI_W0N_pMSABKAEw4QE4kaQOQMzrD0jd2NsDUIsEWABgAGiOu9DJnZuYkHNwAQ
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AC_1l6vCo1yLSLvP5A9S-Iqla2nF1Obe3Tl2w9ctsikO896bfm3aGNq2KUG_KAwBfLsH7VjWihwNsSCGKtjw6Ao
pajvg.imitrkin.net/ Name: unique_id
Value: 660b408b00018eb3
pajvg.imitrkin.net/ Name: unique_id2
Value: 660b408b000195c0
pajvg.imitrkin.net/ Name: tid
Value: klnsd660b408b0000fb8d
fastlnd.com/ Name: vip_id
Value: 69179.47869-26096
qckrtr.com/ Name: hskp
Value: KU3K040183852%2C
qckrtr.com/ Name: skip
Value: -1712013452%2C4102
qckrtr.com/ Name: 1150_4102_0
Value: 1712013452
smd4.com/ Name: vip_id
Value: 1000.47869-22607
go.whatifoffers.com/ Name: uniqueClick_51GJL6
Value: 8249d2b6-9524-4283-b693-9de18aefa734:1712013452
go.whatifoffers.com/ Name: transaction_id
Value: 3d29eea4373f4adcac5914df47877e8e
win.click2win4life.com/ Name: vertx-web.session
Value: 1af1f75fd74e10948f51e86e328628da
.click2win4life.com/ Name: _gid
Value: GA1.2.60173297.1712013454
.click2win4life.com/ Name: _gat
Value: 1
win.click2win4life.com/ Name: AWSALB
Value: 13GioX0lyD8fvp4cUceEc/pnsTYjDAJs5I0IXYyBpHemYFxF06OUL288rlvNT6MBcexc9nkdXla5Av+DN1fB+ct8B22ZgxJxyej379j/faJinqGRu886gTE543UB
win.click2win4life.com/ Name: AWSALBCORS
Value: 13GioX0lyD8fvp4cUceEc/pnsTYjDAJs5I0IXYyBpHemYFxF06OUL288rlvNT6MBcexc9nkdXla5Av+DN1fB+ct8B22ZgxJxyej379j/faJinqGRu886gTE543UB
.click2win4life.com/ Name: _gcl_au
Value: 1.1.715818269.1712013454
.click2win4life.com/ Name: _ga_N3S3KMLTMB
Value: GS1.2.1712013453.1.0.1712013453.60.0.0
.click2win4life.com/ Name: _ga
Value: GA1.1.118698408.1712013454
.click2win4life.com/ Name: _ga_TSC3CVVXJJ
Value: GS1.1.1712013454.1.0.1712013454.60.0.103843486
.click2win4life.com/ Name: _uetsid
Value: 055a3ff0f07e11eea4db8d7a7f580354
.click2win4life.com/ Name: _uetvid
Value: 055a8c60f07e11ee908adbd0f5c69a31
.taboola.com/ Name: t_gid
Value: c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e
.taboola.com/ Name: t_pt_gid
Value: c09b5111-8caf-4262-b6b1-05de3d4b6a9f-tuctd04c60e
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.bing.com/ Name: MUID
Value: 301FE6A0E9F269493A61F2F4E87D68AA
.bat.bing.com/ Name: MR
Value: 0
.click2win4life.com/ Name: _fbp
Value: fb.1.1712013454241.438285089
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzMja0sDA0MTe1MBTiM9StNDfKCawKy0kKcTQEALl_X5QlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwsDQ3NTYzMja0sDA0MTe1MBTiM9StNDfKCawKy0kKcTQEALl_X5QlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2809753623188147581
.pubmatic.com/ Name: PugT
Value: 1712013452
.casalemedia.com/ Name: CMID
Value: ZgtAjkt3uVIAAA3pAGG00gAA
.casalemedia.com/ Name: CMPS
Value: 101
.casalemedia.com/ Name: CMPRO
Value: 101
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.demdex.net/ Name: demdex
Value: 80626712428806346462677155884870514436
.rezync.com/ Name: zync-uuid
Value: 3d8c693d-59c5-428b-a850-eb664e29896b:1712013454.4624245
.media.net/ Name: visitor-id
Value: 3550150546634891000V10
.media.net/ Name: data-rk
Value: 2809753623188147581~~3
.dpm.demdex.net/ Name: dpm
Value: 80626712428806346462677155884870514436
.doubleclick.net/ Name: IDE
Value: AHWqTUmQT94Yspkl5S_4OrMLjGCEWT3dVS28wUS7u-NVJehUAitzGLkulmT_VcqCQsA
.rlcdn.com/ Name: rlas3
Value: lTkno6Enc6INaflXxu4AgT2fl7c3lb04WpXud1BJG7c=
.rlcdn.com/ Name: pxrc
Value: CAA=
www.clarity.ms/ Name: CLID
Value: 62e0cfc71a1d4141b7169204b3395163.20240401.20250401
.eyeota.net/ Name: mako_uid
Value: 18e9bf42cee-20a0000010a4251
.eyeota.net/ Name: SERVERID
Value: 16977~DM
.click2win4life.com/ Name: _clck
Value: 7z92ce%7C2%7Cfkk%7C0%7C1552
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dTVPLTPJTCxzq4oIz_AM9M00Ns6Od21iMTdOsUg2szRO0TW1TDbVNTGySNJNtDA10E1NMjMzSTWytLA0S7IyNDc0MjA0NjE10TMxMzIxMjEFAH0Min1YAAAA
.bidswitch.net/ Name: tuuid
Value: 52ee8bb9-872e-492a-b0e2-fe77ce923329
.bidswitch.net/ Name: c
Value: 1712013454
.bidswitch.net/ Name: tuuid_lu
Value: 1712013454
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 301FE6A0E9F269493A61F2F4E87D68AA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dTVPLTPJTCxzq4oIz_AM9M00Ns6Odw3iNTQ3NDIwNDYxNTE3MZzFiMQ3srTYhMbfhcY_hcZ_hcb_hcafxITKX4TGX4XG34Quz4LKv4XMNzE03sSK5l5uNPuFzY1TLJLNLI1TdE0tk011TYwsknQTLUwNdFOTzMxMUoFqLM2SrBCa9EzMjEyMTExnCSOZZGFuvgiVb_FIGNUmAF8xmI53AQAA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 301FE6A0E9F269493A61F2F4E87D68AA
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.click2win4life.com/ Name: _clsk
Value: 1u5uua6%7C1712013454948%7C1%7C1%7Ca.clarity.ms%2Fcollect
live.rezync.com/ Name: sd-session-id
Value: .eJwNysEOgyAMANB_6VkWKC0UfsYI9EA23SLuMuO_z-NL3gnzR_d12XQ7IB_7Vyeor35rQD5h9N-qT8iAYlNkH9A7EUeRxcE1wdAx-nube7uPb1JD8s1wqmwIpZhF2BotIZBikhRKdtGhdZ6YHhSQkBiuP6mDJU4.ZgtAjw.Cq3BDFJRbvH4HC85yObvTbaG90Q

111 Console Messages

Source Level URL
Text
other error URL: https://win.click2win4life.com/api/offer
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1152826321572698?v=2.9.151&r=stable&domain=win.click2win4life.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
