www.korek-treasures.com Open in urlscan Pro
195.230.102.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chooseyourprize.etisalat.af/
Effective URL:
https://www.korek-treasures.com/
Submission: On November 09 via manual (November 9th 2021, 5:47:04 pm UTC) from NL — Scanned from NL

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 195.230.102.170, located in Athens, Greece and belongs to VELTI-AS, GR. The main domain is www.korek-treasures.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 22nd 2021. Valid for: a year.

This is the only time www.korek-treasures.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	195.230.102.170 195.230.102.170	41372 (VELTI-AS) (VELTI-AS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
38	8

28 195.230.102.170 (Athens, Greece) 1 redirects

ASN41372 (VELTI-AS, GR)

chooseyourprize.etisalat.af	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.korek-treasures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	korek-treasures.com www.korek-treasures.com	1 MB
3	gstatic.com fonts.gstatic.com	65 KB
2	facebook.net connect.facebook.net	80 KB
2	googletagmanager.com www.googletagmanager.com	92 KB
1	facebook.com www.facebook.com
1	google-analytics.com www.google-analytics.com	353 B
1	googleapis.com fonts.googleapis.com	870 B
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	etisalat.af 1 redirects chooseyourprize.etisalat.af	220 B
38	9

	Domain	Requested by
27	www.korek-treasures.com	www.korek-treasures.com
3	fonts.gstatic.com	fonts.googleapis.com www.korek-treasures.com
2	connect.facebook.net	www.korek-treasures.com connect.facebook.net
2	www.googletagmanager.com	www.korek-treasures.com www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.korek-treasures.com
1	cdnjs.cloudflare.com	www.korek-treasures.com
1	chooseyourprize.etisalat.af	1 redirects
38	9

This site contains no links.

Subject Issuer	Validity	Valid
www.korek-treasures.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-22` - `2022-07-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-19` - `2021-11-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.korek-treasures.com/
Frame ID: 7B67A981753B2F0F0904779B6DDD38B6
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كنز كورك | خدمة "كنز كورك " المسلية

Page URL History Show full URLs

http://chooseyourprize.etisalat.af/ HTTP 302
https://www.korek-treasures.com/ Page URL

Page Statistics

38
Requests

100 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1607 kB
Transfer

3189 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chooseyourprize.etisalat.af/ HTTP 302
https://www.korek-treasures.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request / Show response
www.korek-treasures.com/
Redirect Chain

http://chooseyourprize.etisalat.af/
https://www.korek-treasures.com/

1 KB
2 KB

365ms
76ms

Document
text/html

195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

91aabc589379fe443308bc257457b461c346f04c3d5fee962de3c2880eee4147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:hidden_img:443
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 1299
Date: Tue, 09 Nov 2021 17:46:57 GMT

Redirect headers

Date: Tue, 09 Nov 2021 17:46:56 GMT
Server: Apache/2.2.15 (CentOS)
Location: https://www.korek-treasures.com/
Content-Length: 309
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ 26 KB
6 KB 150ms
55ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 17:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 74956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4839
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlRvTvogz9%2FdIxd4islTSORl9pS5kmtId4qy79X5hbzFMaV9CbRfP3WBsmKf03O8cUUQ1nHcvVnuUhbEMjYPlf1SRflpCxKdUYBjfXBlWNfD3jeHRaT%2BP%2F0oj9ykBQ4hOoR5a4GBGLrrC1PX83tYIbPf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab8dd0d09a169c9-MAD
expires: Sun, 30 Oct 2022 17:46:57 GMT

GET
H/1.1 200 main.min.css
www.korek-treasures.com/static/css/ 206 KB
34 KB 141ms
140ms Stylesheet
text/css 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/css/main.min.css

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

96aa87c76b7ae96f6b151118a7d03722f66ef16bfcdbcc13835c2179ba9cf2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ 959 B
870 B 81ms
29ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cc4a397220b33d6d15ae0fec6588229b6c526dc6c6d7f78aaadbbc7021042fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 16:24:10 GMT
server: ESF
date: Tue, 09 Nov 2021 17:46:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Nov 2021 17:46:57 GMT

GET
H/1.1 200 app.68a4f07d8682de4379fcd974378efc4e.css
www.korek-treasures.com/static/css/ 1 KB
2 KB 209ms
72ms Stylesheet
text/css 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/css/app.68a4f07d8682de4379fcd974378efc4e.css

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

62d3330d2741e43e5016194b3f5f637047ef57a1fb71c0134748ba3a973c606e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 1378
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 manifest.2ae2e69a05c33dfc65f8.js Show response
www.korek-treasures.com/static/js/ 840 B
1 KB 219ms
83ms Script
application/javascript 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/js/manifest.2ae2e69a05c33dfc65f8.js

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

84dab359add9fcb6824544e09cbfaf934683c22c98ac7f40e38f3b7dfdaaf2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 840
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 vendor.7c743537b006a8f9866a.js Show response
www.korek-treasures.com/static/js/ 641 KB
209 KB 286ms
150ms Script
application/javascript 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

c8bef3acfd93a8c00a05edc4e4ff3627d2ae2b3b38c4a7605ee4e2c41f8264f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 app.4c42ab6c53658bd81dd9.js Show response
www.korek-treasures.com/static/js/ 506 KB
94 KB 281ms
144ms Script
application/javascript 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/js/app.4c42ab6c53658bd81dd9.js

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

245386f2facf9d3f625d9dcbdbe885c9054865e0ca864e4f6825044861e1e47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getAvailableLocales Show response
www.korek-treasures.com/api/ 59 B
431 B 83ms
83ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/api/getAvailableLocales

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

c144f6575d14ac5f089f5d69bff3540783f9ec273c2011e742a67b15eb8b87d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getDefaultLanguage Show response
www.korek-treasures.com/api/ 2 B
354 B 71ms
71ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/api/getDefaultLanguage

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

b1b7afa76db271451a1f3fff738ff21ed53cca91f7f580bb294193e9d2da31b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:57 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 2
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getTranslations Show response
www.korek-treasures.com/api/ 60 KB
60 KB 73ms
73ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/api/getTranslations?lang=AR

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

51ab50e87289f52608397847c10b4780e394faecad40645ff8854eaa71f325fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 main_AR.min.css
www.korek-treasures.com/static/css/ 211 KB
35 KB 90ms
90ms Stylesheet
text/css 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/css/main_AR.min.css

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/app.4c42ab6c53658bd81dd9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

604a225f8fd1c1a83bdc53f794d696228712e9c2b9321c2d0feb66cfada05b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getPrizeData Show response
www.korek-treasures.com/api/ 3 KB
3 KB 103ms
103ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/api/getPrizeData?lang=AR

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

4cda70969dbbd8302cfd9db57750a6ce485818d59b1946e5aae2dbe05776ff14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 2719
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getWinnersData Show response
www.korek-treasures.com/api/ 58 B
411 B 76ms
76ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/api/getWinnersData?lang=AR

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

39cc66aae915d588e8f2bdffff88ff1094e51a8ec8c1fe184540ec242bce3580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 58
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getSplashProperties Show response
www.korek-treasures.com/publicapi/ 107 B
461 B 69ms
69ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/publicapi/getSplashProperties

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

8e099b02bb0c5653085ea0a86dc545d27543d3e0988bfaa709874697a9e70531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 107
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getApplicationProperties Show response
www.korek-treasures.com/publicapi/ 2 KB
2 KB 69ms
69ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/publicapi/getApplicationProperties

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

fe50e4c157e9911bca686a5570fd3c8d96450d187f1f4ab67eab1b03ca7059ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Authorization: undefined
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 1790
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 skin_AR.css
www.korek-treasures.com/static/skins/skin_5/css/ 19 KB
4 KB 72ms
72ms Stylesheet
text/css 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/skins/skin_5/css/skin_AR.css

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/app.4c42ab6c53658bd81dd9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

358d1430b572a9e99846cae16e06305079e1c48c22f1712a069c04ba7d21a822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 logo.png
www.korek-treasures.com/ext/skin/ 4 KB
5 KB 77ms
76ms Image
image/png 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/ext/skin/logo.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

c13ce9a0426967a5ec1b92abd8346463828798e82c593d128bf9499eb3cddbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 09:56:21 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 4343
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 Get-Started_prizes_lossy.png
www.korek-treasures.com/ext/prizes/ 45 KB
45 KB 136ms
136ms Image
image/png 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/ext/prizes/Get-Started_prizes_lossy.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

49d217e218ce6db007aeca7522354c87007d921d31d8ba5f5ca2f610b4d10a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 09:56:21 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 45923
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 free-trial-stripe_AR.png
www.korek-treasures.com/ext/skin/ 6 KB
7 KB 73ms
73ms Image
image/png 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/ext/skin/free-trial-stripe_AR.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

0fd45402145dd3419441668e207974adac16ae319ef58ecad965f45e80147669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 09:56:21 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 6472
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 safari_uc.png
www.korek-treasures.com/static/images/ 934 B
1 KB 77ms
77ms Image
image/png 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/static/images/safari_uc.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

4967249a776d959611b012500b920d779aa48c02732cd09d6582f1046b7f35c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 934
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getVersionInfo Show response
www.korek-treasures.com/publicapi/ 109 B
463 B 142ms
69ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/publicapi/getVersionInfo

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

c588d9dab3b3b748d8be6d04b8aad5916dde70c6d7f6d5ce32b4a69fe856e2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 109
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getGTMInfo Show response
www.korek-treasures.com/publicapi/ 68 B
421 B 145ms
69ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/publicapi/getGTMInfo

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

1ddd0ceb9f81f38bd01eb216a7e760904a69ac4aa3f747be3b0dcfd3571547f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 68
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 getFbInfo Show response
www.korek-treasures.com/publicapi/ 73 B
426 B 146ms
69ms XHR
application/json 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/publicapi/getFbInfo

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

0652ec8c99bdc223b4d5d4f69c14940bc7af0d66c709ecdd8bb85ee780dee135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 73
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 get_started_bg.jpg
www.korek-treasures.com/static/images/ 95 KB
96 KB 229ms
127ms Image
image/jpeg 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/static/images/get_started_bg.jpg

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/css/main_AR.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

e5441921b7ab5d2c87d7cd9a3ec87da6d48912df3c9e56326774f40412f1f9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/static/css/main_AR.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 97534
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 Get-Started_tablet.png
www.korek-treasures.com/static/images/ 110 KB
110 KB 239ms
127ms Image
image/png 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/static/images/Get-Started_tablet.png

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/css/main_AR.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

21ac34aa9ca2e84928831c4cf45eab62c8a56290554dfe8c4a3d3d0212a0b83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/static/css/main_AR.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 112576
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H2 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v10/ 18 KB
18 KB 98ms
46ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e44a062d28d6d5058ae9567dddb28916851f2147d48363bf9c095d4cc1115e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.korek-treasures.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 06:55:19 GMT
x-content-type-options: nosniff
age: 384699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17952
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 06:55:19 GMT

GET
H/1.1 200 DUEL.woff
www.korek-treasures.com/static/fonts/ 5 KB
6 KB 122ms
72ms Font
application/font-woff 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.korek-treasures.com/static/fonts/DUEL.woff

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/css/main_AR.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

f7a63914ea7319646bb9a90e176b9bfb498097eaee8a98026a6b7e5840597237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.korek-treasures.com/static/css/main_AR.min.css
Origin: https://www.korek-treasures.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: application/font-woff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 5604
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v10/ 20 KB
20 KB 90ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.korek-treasures.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:40:27 GMT
x-content-type-options: nosniff
age: 486391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20672
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:47:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:40:27 GMT

GET
H2 200 SLXLc1nY6Hkvalqaa46L59M.ttf
fonts.gstatic.com/s/cairo/v5/ 47 KB
27 KB 75ms
23ms Font
font/ttf 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v5/SLXLc1nY6Hkvalqaa46L59M.ttf

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/css/main_AR.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a0c42585728e9e7386973243afa513735600eec5cc4de00ebd4389bfb1448aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.korek-treasures.com/
Origin: https://www.korek-treasures.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26566
x-xss-protection: 0
last-modified: Tue, 19 Feb 2019 22:40:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 05:53:27 GMT

GET
H/1.1 200 get_started_bg.jpg
www.korek-treasures.com/static/skins/skin_5/images/ 138 KB
138 KB 310ms
242ms Image
image/jpeg 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/static/skins/skin_5/images/get_started_bg.jpg

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/skins/skin_5/css/skin_AR.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

e8ef541d433edc2135b7009accf96445616b37dce475fe89d6f9922e38214da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/static/skins/skin_5/css/skin_AR.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 140969
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H/1.1 200 Get-Started_tablet.png
www.korek-treasures.com/static/skins/skin_5/images/ 506 KB
506 KB 365ms
296ms Image
image/png 195.230.102.170
VELTI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.korek-treasures.com/static/skins/skin_5/images/Get-Started_tablet.png

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/skins/skin_5/css/skin_AR.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.230.102.170 Athens, Greece, ASN41372 (VELTI-AS, GR),

Reverse DNS

Software

Resource Hash

ce55dab05522208d745de8688e4b35da28701f4a3ac66726654efac75c248a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/static/skins/skin_5/css/skin_AR.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 17:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Nov 2021 14:56:18 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 518075
X-XSS-Protection: 1; mode=block
X-Application-Context: application:hidden_img:443
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 84ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFZZL8H

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61b2a2078d6a1eba64f9452a19e1e742d4d87df2586c77ddb34025cea5a08471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 17:46:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31520
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 17:27:35 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Nov 2021 17:46:58 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.korek-treasures.com
URL: https://www.korek-treasures.com/static/js/app.4c42ab6c53658bd81dd9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d72d266f47fa649f72d1f24f22fee03e68db139954e3d163bf0afc29ee9eea3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YjEWToha083zskDuzMAHWQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: HWyJxWS2Inowy+Atf+TT/0/E7XC/pMHnzbT6M/BhBxZaA7LpupvDW6IVo22Aj5rWlHtxXDCWAoRDghOl6zI2HQ==
x-fb-trip-id: 917726464
x-fb-content-md5: ff0cd901e88d8d9603aa8e75ecba79bf
x-frame-options: DENY
date: Tue, 09 Nov 2021 17:46:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9ef87ed60f6d0659a76f13c7b2ccb852"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Nov 2021 18:04:41 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 272 KB
77 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ed70cbe2b25ab985ac4207b1e22d998e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dcfdc33e0f7d553de77a216fb06a27471fafbff1e330ba684f4996885b7e71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.korek-treasures.com/
Origin: https://www.korek-treasures.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CkKaq50tor8kQAvrF9FDDA==
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78398
x-fb-rlafr: 0
x-fb-debug: U6QWdXYEo1AIWUz1VIcsmDeWYGjVtzxrJVyVh0faa9378TMr37bKHOSh3XGBbTr/+nFcJH5VCemlnSO/HaPjYA==
x-fb-trip-id: 917726464
x-fb-content-md5: 3e8c4fd61c3ecf2c1be4e335630508c6
x-frame-options: DENY
date: Tue, 09 Nov 2021 17:46:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f7cdbc15ef50419464bb05c201f49e22"
timing-allow-origin: *
expires: Wed, 09 Nov 2022 17:44:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYDMLSTMQW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFZZL8H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b04801ebd13156e2decbfcb03ef6f669a82046af72a783bc1d026d1840e87db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 17:46:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61730
x-xss-protection: 0
expires: Tue, 09 Nov 2021 17:46:58 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
353 B 81ms
28ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EYDMLSTMQW&gtm=2oeb80&_p=1436840331&sr=1600x1200&ul=en-us&cid=1331977458.1636480019&_s=1&dl=https%3A%2F%2Fwww.korek-treasures.com%2F&dt=%D9%83%D9%86%D8%B2%20%D9%83%D9%88%D8%B1%D9%83%20%7C%20%D8%AE%D8%AF%D9%85%D8%A9%20%22%D9%83%D9%86%D8%B2%20%D9%83%D9%88%D8%B1%D9%83%20%22%20%D8%A7%D9%84%D9%85%D8%B3%D9%84%D9%8A%D8%A9&sid=1636480018&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYDMLSTMQW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.korek-treasures.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 17:46:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.korek-treasures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 93ms
48ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1427329137574530&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.korek-treasures.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ed70cbe2b25ab985ac4207b1e22d998e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.korek-treasures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: spi+OFMdXQhkoAS/9acRFfaSb8nv6nDFp7Bnaktu47a6+WM9cof1/YzkGCDXO7bT+5LhcJ9vZOP61U2fxdw0zA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 09 Nov 2021 17:46:59 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.korek-treasures.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.korek-treasures.com/	1970-01-20 16:05:52	Name: _ga Value: GA1.1.1331977458.1636480019
			.korek-treasures.com/	1970-01-20 16:05:52	Name: _ga_EYDMLSTMQW Value: GS1.1.1636480018.1.0.1636480019.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.korek-treasures.com/static/js/vendor.7c743537b006a8f9866a.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
chooseyourprize.etisalat.af
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.korek-treasures.com
195.230.102.170
2606:4700::6810:135e
2a00:1450:4001:802::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
0652ec8c99bdc223b4d5d4f69c14940bc7af0d66c709ecdd8bb85ee780dee135
0fd45402145dd3419441668e207974adac16ae319ef58ecad965f45e80147669
1a0c42585728e9e7386973243afa513735600eec5cc4de00ebd4389bfb1448aa
1ddd0ceb9f81f38bd01eb216a7e760904a69ac4aa3f747be3b0dcfd3571547f7
21ac34aa9ca2e84928831c4cf45eab62c8a56290554dfe8c4a3d3d0212a0b83a
245386f2facf9d3f625d9dcbdbe885c9054865e0ca864e4f6825044861e1e47e
2cc4a397220b33d6d15ae0fec6588229b6c526dc6c6d7f78aaadbbc7021042fc
33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665
358d1430b572a9e99846cae16e06305079e1c48c22f1712a069c04ba7d21a822
39cc66aae915d588e8f2bdffff88ff1094e51a8ec8c1fe184540ec242bce3580
4967249a776d959611b012500b920d779aa48c02732cd09d6582f1046b7f35c7
49d217e218ce6db007aeca7522354c87007d921d31d8ba5f5ca2f610b4d10a04
4cda70969dbbd8302cfd9db57750a6ce485818d59b1946e5aae2dbe05776ff14
51ab50e87289f52608397847c10b4780e394faecad40645ff8854eaa71f325fb
604a225f8fd1c1a83bdc53f794d696228712e9c2b9321c2d0feb66cfada05b53
61b2a2078d6a1eba64f9452a19e1e742d4d87df2586c77ddb34025cea5a08471
62d3330d2741e43e5016194b3f5f637047ef57a1fb71c0134748ba3a973c606e
6dcfdc33e0f7d553de77a216fb06a27471fafbff1e330ba684f4996885b7e71f
84dab359add9fcb6824544e09cbfaf934683c22c98ac7f40e38f3b7dfdaaf2fc
8e099b02bb0c5653085ea0a86dc545d27543d3e0988bfaa709874697a9e70531
91aabc589379fe443308bc257457b461c346f04c3d5fee962de3c2880eee4147
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
96aa87c76b7ae96f6b151118a7d03722f66ef16bfcdbcc13835c2179ba9cf2ce
b04801ebd13156e2decbfcb03ef6f669a82046af72a783bc1d026d1840e87db5
b1b7afa76db271451a1f3fff738ff21ed53cca91f7f580bb294193e9d2da31b4
c13ce9a0426967a5ec1b92abd8346463828798e82c593d128bf9499eb3cddbe7
c144f6575d14ac5f089f5d69bff3540783f9ec273c2011e742a67b15eb8b87d2
c588d9dab3b3b748d8be6d04b8aad5916dde70c6d7f6d5ce32b4a69fe856e2db
c8bef3acfd93a8c00a05edc4e4ff3627d2ae2b3b38c4a7605ee4e2c41f8264f6
ce55dab05522208d745de8688e4b35da28701f4a3ac66726654efac75c248a33
d72d266f47fa649f72d1f24f22fee03e68db139954e3d163bf0afc29ee9eea3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a062d28d6d5058ae9567dddb28916851f2147d48363bf9c095d4cc1115e82
e5441921b7ab5d2c87d7cd9a3ec87da6d48912df3c9e56326774f40412f1f9ca
e8ef541d433edc2135b7009accf96445616b37dce475fe89d6f9922e38214da5
f7a63914ea7319646bb9a90e176b9bfb498097eaee8a98026a6b7e5840597237
fe50e4c157e9911bca686a5570fd3c8d96450d187f1f4ab67eab1b03ca7059ca

www.korek-treasures.com Open in urlscan Pro 195.230.102.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

38 Requests

100 %HTTPS

88 %IPv6

9 Domains

9 Subdomains

8 IPs

3 Countries

1607 kBTransfer

3189 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.korek-treasures.com Open in urlscan Pro
195.230.102.170 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1607 kB
Transfer

3189 kB
Size

2
Cookies

38 HTTP transactions
0 data transactions