prettygifti.com Open in urlscan Pro
2606:4700:3032::681b:a72b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://salenita.es/?MTU0MDE0MTU4PTI5MDk1JjI1NTQ4NjI9MzgxJjE9Y2xpY2smMW51Ymw5PTgmbGlkPTMzMjc0
Effective URL:
https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_...
Submission: On January 28 via manual (January 28th 2020, 8:09:36 am UTC) from IN

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3032::681b:a72b, located in United States and belongs to CLOUDFLARENET, US. The main domain is prettygifti.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 23rd 2019. Valid for: 10 months.

This is the only time prettygifti.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.146.57.150 194.146.57.150	35779 (MCLOUD-AS) (MCLOUD-AS)
20	2606:4700:303... 2606:4700:3032::681b:a72b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	80.241.213.38 80.241.213.38	51167 (CONTABO) (CONTABO)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	34.206.112.42 34.206.112.42	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
28	5

1 194.146.57.150 (Serbia) 1 redirects

ASN35779 (MCLOUD-AS, RS)
PTR: salenita.es

salenita.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3032::681b:a72b (United States)

ASN13335 (CLOUDFLARENET, US)

prettygifti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 80.241.213.38 (Munich, Germany)

ASN51167 (CONTABO, DE)
PTR: m1938.contaboserver.net

smoothylink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.112.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-112-42.compute-1.amazonaws.com

pushpal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	prettygifti.com prettygifti.com	373 KB
5	smoothylink.com smoothylink.com	183 KB
1	googleapis.com fonts.googleapis.com	612 B
1	pushpal.net pushpal.net	2 KB
1	gstatic.com www.gstatic.com	219 KB
1	salenita.es 1 redirects salenita.es	379 B
28	6

	Domain	Requested by
20	prettygifti.com	prettygifti.com
5	smoothylink.com	prettygifti.com
1	fonts.googleapis.com	prettygifti.com
1	pushpal.net	prettygifti.com
1	www.gstatic.com	prettygifti.com
1	salenita.es	1 redirects
28	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-23` - `2020-10-09`	10 months	crt.sh
smoothylink.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-16` - `2020-12-15`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
pushpal.net Amazon	`2019-10-08` - `2020-11-08`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Frame ID: DE0551B3E1B8B5848BB7F53D33766B52
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://salenita.es/?MTU0MDE0MTU4PTI5MDk1JjI1NTQ4NjI9MzgxJjE9Y2xpY2smMW51Ymw5PTgmbGlkPTMzMjc0 HTTP 302
https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&cl... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/(?:([\d.]+)\/)?firebase(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /moment(?:\.min)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

777 kB
Transfer

2283 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://salenita.es/?MTU0MDE0MTU4PTI5MDk1JjI1NTQ4NjI9MzgxJjE9Y2xpY2smMW51Ymw5PTgmbGlkPTMzMjc0 HTTP 302
https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
prettygifti.com/
Redirect Chain

http://salenita.es/?MTU0MDE0MTU4PTI5MDk1JjI1NTQ4NjI9MzgxJjE9Y2xpY2smMW51Ymw5PTgmbGlkPTMzMjc0
https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274

30 KB
6 KB

1173ms
1116ms

Document
text/html

2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.25
Resource Hash: 2c141dfbbfeeb933eff0a904fe930a4a226b219d80825a31a6a5bd47bb32d9a2

Request headers

:method: GET
:authority: prettygifti.com
:scheme: https
:path: /?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jan 2020 08:09:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0f26faa65fa29a03abb8ceb0e7af81a71580198955; expires=Thu, 27-Feb-20 08:09:15 GMT; path=/; domain=.prettygifti.com; HttpOnly; SameSite=Lax
x-powered-by: PHP/7.2.25
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55c17bad6fbfe003-FRA
content-encoding: br

Redirect headers

Date: Tue, 28 Jan 2020 08:09:14 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Content-Length: 3
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 common_14_d.css
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 21 KB
5 KB 11ms
9ms Stylesheet
text/css 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/common_14_d.css
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 324bd86341fcf12eecbb00ac9c09eba6c8b8d21ad4f2a87b5b0e41e479355609

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Jan 2020 09:23:13 GMT
server: cloudflare
age: 3624
etag: W/"55a4-59c02064b0240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 55c17bb49a57e003-FRA

GET
H2 200 jquery.min.js Show response
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 118 KB
34 KB 17ms
16ms Script
application/javascript 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/jquery.min.js
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6c9c2dda65e7d40f66814a3d3cda429811eb9426f50d376ea0707b2eab6dc3e

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:09:31 GMT
server: cloudflare
age: 3622
etag: W/"1d8c3-59998164124c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 55c17bb49a5ce003-FRA

GET
H2 200 push.js.t%C3%A9l%C3%A9charg%C3%A9 Show response
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 908 B
373 B 313ms
312ms Script
application/javascript 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/push.js.t%C3%A9l%C3%A9charg%C3%A9
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ff4b6d1c8fd0a10c0f734a9df644ab4f664e8a31d1288bfa5ceed15791d86a

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 13 Dec 2019 16:02:46 GMT
server: cloudflare
etag: W/"38c-59997fe1d5580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cf-ray: 55c17bb49a5ee003-FRA

GET
H2 200 firebase.js.t%C3%A9l%C3%A9charg%C3%A9 Show response
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 837 KB
207 KB 312ms
311ms Script
application/javascript 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/firebase.js.t%C3%A9l%C3%A9charg%C3%A9
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699b484c6187f3b2ab0d3f84ea5b1a5f92ec276a4e14d4bd757a01a7c7586deb

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 13 Dec 2019 16:02:46 GMT
server: cloudflare
etag: W/"d13f2-59997fe1d5580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cf-ray: 55c17bb49a5fe003-FRA

GET
H2 200 moment.js Show response
prettygifti.com/2/ 147 KB
31 KB 18ms
17ms Script
application/javascript 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/moment.js
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Nov 2019 10:21:34 GMT
server: cloudflare
age: 3623
etag: W/"24d9d-5983d3e960780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 55c17bb49a60e003-FRA

GET
H2 200 christmas.css
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 1 KB
407 B 10ms
9ms Stylesheet
text/css 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/christmas.css
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b988f7952b7c5b2b90206063454b2cf785c9e2b8cf15cb97a872db93a15d4e77

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Dec 2019 09:06:02 GMT
server: cloudflare
age: 3621
etag: W/"41e-599e2a3201280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 55c17bb49a59e003-FRA

GET
H2 200 amz.css
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 15 KB
3 KB 12ms
12ms Stylesheet
text/css 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/amz.css
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d86cbe5e31b724b70b0604fdadceeeca663c65835029cf506a6e30b737cd3bae

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:02:46 GMT
server: cloudflare
age: 3624
etag: W/"3d7f-59997fe1d5580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 55c17bb49a5ae003-FRA

GET
H2 200 pushpal.js.t%C3%A9l%C3%A9charg%C3%A9 Show response
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 3 KB
1 KB 315ms
315ms Script
application/javascript 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/pushpal.js.t%C3%A9l%C3%A9charg%C3%A9
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7ca55b769c5f9856e8f0a39dc3c7d96df5d716261f890381ea03c3d92dd7b0

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 13 Dec 2019 16:02:46 GMT
server: cloudflare
etag: W/"d5e-59997fe1d5580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cf-ray: 55c17bb49a61e003-FRA

GET
H2 200 logo.png
prettygifti.com/2/ 18 KB
18 KB 11ms
11ms Image
image/png 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/logo.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8211af3816cb883136c6894edbbdeb000596dc9b5e16a835bbaf88df34b20400

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 14:55:33 GMT
server: cloudflare
age: 3623
etag: "46f5-59ab0af81e340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb49a62e003-FRA
content-length: 18165

GET
H2 200 gift_title_amz.png
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 1 KB
1 KB 11ms
10ms Image
image/png 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/gift_title_amz.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25e884cfae8bc67c62a7b164dd382014dc74a64cc7bb2d4d7b8f92f5dad11a7

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:02:46 GMT
server: cloudflare
age: 3624
etag: "57d-59997fe1d5580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb49a63e003-FRA
content-length: 1405

GET
H2 200 Flag_of_Italy.png
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 28 KB
29 KB 11ms
10ms Image
image/png 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/Flag_of_Italy.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b822b3c2ea17bdfbccc4dd6e44421f0e69b6e7e9350944bc2272ac198fa3f171

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Dec 2019 09:44:59 GMT
server: cloudflare
age: 3622
etag: "71ae-599cf10947cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb4aa93e003-FRA
content-length: 29102

GET
H/1.1 200
OK nX8KhvMmVxCt7y5domlotpXyU7XdczE2hZRkAdXQ.jpeg
smoothylink.com/storage/images/ 5 KB
6 KB 148ms
33ms Image
image/jpeg 80.241.213.38
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smoothylink.com/storage/images/nX8KhvMmVxCt7y5domlotpXyU7XdczE2hZRkAdXQ.jpeg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.241.213.38 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1938.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26 /
Resource Hash: 3976a08224d37ae5b8f76295f91191232596b2feced93dabb8f80275313f2386

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 08:09:16 GMT
Last-Modified: Tue, 31 Dec 2019 10:38:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26
ETag: "15a9-59afd8fe6c158"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5545

GET
H/1.1 200
OK sCTPTZeB2erkHtjv7oKfaJaqOChxpKBrdkjWuLC7.jpeg
smoothylink.com/storage/images/ 7 KB
7 KB 76ms
33ms Image
image/jpeg 80.241.213.38
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smoothylink.com/storage/images/sCTPTZeB2erkHtjv7oKfaJaqOChxpKBrdkjWuLC7.jpeg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.241.213.38 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1938.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26 /
Resource Hash: 17dd03ab9e625d08ff6965671233ab8fa3fdc2392f29890a2b68f8b8b212cae9

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 08:09:16 GMT
Last-Modified: Tue, 31 Dec 2019 10:52:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26
ETag: "1a14-59afdc14e7e8c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6676

GET
H/1.1 200
OK tZ0JwOxEmJW2I4CwAS7A906oJRRg5DfJDhUhbXiX.jpeg
smoothylink.com/storage/images/ 36 KB
37 KB 43ms
33ms Image
image/jpeg 80.241.213.38
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smoothylink.com/storage/images/tZ0JwOxEmJW2I4CwAS7A906oJRRg5DfJDhUhbXiX.jpeg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.241.213.38 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1938.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26 /
Resource Hash: 6412961618ca0cff5c1ec20c03e2a29a0ab33e9632b53563914a726ee6f1932c

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 08:09:16 GMT
Last-Modified: Tue, 31 Dec 2019 10:54:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26
ETag: "91de-59afdc97b6353"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37342

GET
H/1.1 200
OK O3DNTgTJAFY3mFZ3ZYgl67W7MFqoZyceMiUPlQjJ.jpeg
smoothylink.com/storage/images/ 20 KB
20 KB 33ms
33ms Image
image/jpeg 80.241.213.38
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smoothylink.com/storage/images/O3DNTgTJAFY3mFZ3ZYgl67W7MFqoZyceMiUPlQjJ.jpeg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.241.213.38 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1938.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26 /
Resource Hash: b0f15649b2e9d79915b15eb84a00e9023c32e8a1795347ecf3701737fc5ab12d

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 08:09:16 GMT
Last-Modified: Tue, 31 Dec 2019 11:01:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26
ETag: "4e28-59afde0800657"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20008

GET
H/1.1 200
OK ThJgZJOsyvmF47osUjjokwKfC4nBpGaj1n2kGDdt.jpeg
smoothylink.com/storage/images/ 114 KB
114 KB 33ms
33ms Image
image/jpeg 80.241.213.38
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smoothylink.com/storage/images/ThJgZJOsyvmF47osUjjokwKfC4nBpGaj1n2kGDdt.jpeg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.241.213.38 Munich, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1938.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26 /
Resource Hash: 20cc93842909e4cc6682334f63d14389ec092a247987f76bf3bd6007c358ce78

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 08:09:16 GMT
Last-Modified: Tue, 31 Dec 2019 11:02:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.26
ETag: "1c64e-59afde5d8836a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 116302

GET
H2 200 user.jpg
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 2 KB
3 KB 19ms
18ms Image
image/jpeg 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/user.jpg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f782a620f19b1476cc555cbb6e176d69aac1aea96208480add5cf9414ce1eb8c

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:02:47 GMT
server: cloudflare
age: 3620
etag: "9f1-59997fe2c97c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb62eeae003-FRA
content-length: 2545

GET
H2 200 watch_img2.jpg
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 17 KB
17 KB 12ms
11ms Image
image/jpeg 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/watch_img2.jpg
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1e86679b65dc143394d201d05e2caf87077a72229c2e3fa0c3d9741a23bd289

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:02:47 GMT
server: cloudflare
age: 3621
etag: "429f-59997fe2c97c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb64f46e003-FRA
content-length: 17055

GET
H2 200 ssl_img_new.png
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 6 KB
7 KB 16ms
16ms Image
image/png 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ssl_img_new.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd2dda7485a9fef032f36694a1168141fbd485f1704eabca64e4a02d3ae14c9a

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:02:47 GMT
server: cloudflare
age: 3621
etag: "19dd-59997fe2c97c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb65f7ce003-FRA
content-length: 6621

GET
H2 200 block_logo.png
prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ 9 KB
9 KB 12ms
12ms Image
image/png 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/block_logo.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d07dc950069456f7216f32a6f5d5d299948b021d64035edca161089bf8edc1d

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 16:02:47 GMT
server: cloudflare
age: 3620
etag: "2558-59997fe2c97c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 55c17bb67fc4e003-FRA
content-length: 9560

GET
H2 200 app.js Show response
prettygifti.com/2/ 865 B
453 B 11ms
11ms Script
application/javascript 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prettygifti.com/2/app.js
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7332901e7fcfe023c5486ebb67ba9d298d1e10e264520825c32ca7e863229868

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Dec 2019 08:50:35 GMT
server: cloudflare
age: 3620
etag: W/"361-599ce4e07ccc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 55c17bb59d30e003-FRA

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/5.5.1/ 837 KB
219 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.1/firebase.js

Requested by

Host: prettygifti.com
URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/push.js.t%C3%A9l%C3%A9charg%C3%A9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699b484c6187f3b2ab0d3f84ea5b1a5f92ec276a4e14d4bd757a01a7c7586deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 04:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Sep 2018 21:46:21 GMT
server: sffe
age: 5803113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 223784
x-xss-protection: 0
expires: Sat, 21 Nov 2020 04:10:43 GMT

GET
H/1.1 200
OK pushpal.js Show response
pushpal.net/ 3 KB
2 KB 470ms
111ms Script
application/javascript 34.206.112.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pushpal.net/pushpal.js

Requested by

Host: prettygifti.com
URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/push.js.t%C3%A9l%C3%A9charg%C3%A9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.112.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-112-42.compute-1.amazonaws.com

Software

Resource Hash

fd7ca55b769c5f9856e8f0a39dc3c7d96df5d716261f890381ea03c3d92dd7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 08:09:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
transfer-encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Oct 2019 01:18:20 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"d5e-16db33eceb0"
X-Download-Options: noopen
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 3 KB
612 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700

Requested by

Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01c4f7e698d8fde6ca2de97a39d051a7196a175984a31bbfda2a106939c6077d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 08:09:17 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 08:09:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 08:09:17 GMT

GET
H2 404 light_christmas.png
prettygifti.com/2/ 219 B
219 B 10ms
10ms Image
text/html 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/light_christmas.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8abc7f86359a205f29a3f58438ba9bd95908c87251d30be160a6277340a12023

Request headers

Referer: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/christmas.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 76
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 55c17bbbdeb9e003-FRA

GET
H2 404 footer_chr_2.png
prettygifti.com/2/ 216 B
216 B 14ms
14ms Image
text/html 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/footer_chr_2.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de4364f02301feaeeeb822db034afd3079b7fd71f6eb03e07f31bff055d76c2

Request headers

Referer: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/christmas.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 76
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 55c17bbbdec2e003-FRA

GET
H2 404 snow_popup.png
prettygifti.com/2/ 214 B
214 B 10ms
10ms Image
text/html 2606:4700:3032::681b:a72b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prettygifti.com/2/snow_popup.png
Requested by: Host: prettygifti.com
URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:a72b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554ac9818d3fbfa67d17df900a6a3dce558a56f91eba85ba44a6fab64947accc

Request headers

Referer: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/christmas.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 08:09:17 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 76
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 55c17bbbdee2e003-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.prettygifti.com/	1970-01-19 07:39:50	Name: __cfduid Value: d0f26faa65fa29a03abb8ceb0e7af81a71580198955

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.gstatic.com/firebasejs/5.5.1/firebase.js(Line 1) Message: It looks like you're using the development build of the Firebase JS SDK. When deploying Firebase apps to production, it is advisable to only import the individual SDK components you intend to use. For the CDN builds, these are available in the following manner (replace <PACKAGE> with the name of a component - i.e. auth, database, etc): https://www.gstatic.com/firebasejs/5.0.0/firebase-<PACKAGE>.js
console-api	warning	URL: https://prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/firebase.js.t%C3%A9l%C3%A9charg%C3%A9(Line 1) Message: It looks like you're using the development build of the Firebase JS SDK. When deploying Firebase apps to production, it is advisable to only import the individual SDK components you intend to use. For the CDN builds, these are available in the following manner (replace <PACKAGE> with the name of a component - i.e. auth, database, etc): https://www.gstatic.com/firebasejs/5.0.0/firebase-<PACKAGE>.js
console-api	log	URL: https://prettygifti.com/2/app.js(Line 5) Message: hideAll
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideq1
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideq2
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideq3
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideq4
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideq5
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideq6
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hidesearching
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hidegift1
console-api	log	URL: https://prettygifti.com/2/app.js(Line 9) Message: hideundefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
prettygifti.com
pushpal.net
salenita.es
smoothylink.com
www.gstatic.com
194.146.57.150
2606:4700:3032::681b:a72b
2a00:1450:4001:818::200a
2a00:1450:4001:81d::2003
34.206.112.42
80.241.213.38
01c4f7e698d8fde6ca2de97a39d051a7196a175984a31bbfda2a106939c6077d
17dd03ab9e625d08ff6965671233ab8fa3fdc2392f29890a2b68f8b8b212cae9
1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b
20cc93842909e4cc6682334f63d14389ec092a247987f76bf3bd6007c358ce78
2c141dfbbfeeb933eff0a904fe930a4a226b219d80825a31a6a5bd47bb32d9a2
2d07dc950069456f7216f32a6f5d5d299948b021d64035edca161089bf8edc1d
2de4364f02301feaeeeb822db034afd3079b7fd71f6eb03e07f31bff055d76c2
324bd86341fcf12eecbb00ac9c09eba6c8b8d21ad4f2a87b5b0e41e479355609
33ff4b6d1c8fd0a10c0f734a9df644ab4f664e8a31d1288bfa5ceed15791d86a
3976a08224d37ae5b8f76295f91191232596b2feced93dabb8f80275313f2386
554ac9818d3fbfa67d17df900a6a3dce558a56f91eba85ba44a6fab64947accc
6412961618ca0cff5c1ec20c03e2a29a0ab33e9632b53563914a726ee6f1932c
699b484c6187f3b2ab0d3f84ea5b1a5f92ec276a4e14d4bd757a01a7c7586deb
7332901e7fcfe023c5486ebb67ba9d298d1e10e264520825c32ca7e863229868
8211af3816cb883136c6894edbbdeb000596dc9b5e16a835bbaf88df34b20400
8abc7f86359a205f29a3f58438ba9bd95908c87251d30be160a6277340a12023
a1e86679b65dc143394d201d05e2caf87077a72229c2e3fa0c3d9741a23bd289
b0f15649b2e9d79915b15eb84a00e9023c32e8a1795347ecf3701737fc5ab12d
b6c9c2dda65e7d40f66814a3d3cda429811eb9426f50d376ea0707b2eab6dc3e
b822b3c2ea17bdfbccc4dd6e44421f0e69b6e7e9350944bc2272ac198fa3f171
b988f7952b7c5b2b90206063454b2cf785c9e2b8cf15cb97a872db93a15d4e77
c25e884cfae8bc67c62a7b164dd382014dc74a64cc7bb2d4d7b8f92f5dad11a7
d86cbe5e31b724b70b0604fdadceeeca663c65835029cf506a6e30b737cd3bae
f782a620f19b1476cc555cbb6e176d69aac1aea96208480add5cf9414ce1eb8c
fd2dda7485a9fef032f36694a1168141fbd485f1704eabca64e4a02d3ae14c9a
fd7ca55b769c5f9856e8f0a39dc3c7d96df5d716261f890381ea03c3d92dd7b0

prettygifti.com Open in urlscan Pro 2606:4700:3032::681b:a72b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

777 kBTransfer

2283 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

prettygifti.com Open in urlscan Pro
2606:4700:3032::681b:a72b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

777 kB
Transfer

2283 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!