balance.americangiftportal.app Open in urlscan Pro
2606:4700:130:436c:6f75:6466:6c61:7265 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://americanerpress.com/
Effective URL:
https://balance.americangiftportal.app/83414209612086035921.php
Submission: On December 06 via api (December 6th 2022, 9:06:43 pm UTC) from US — Scanned from US

Summary HTTP 53 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 15 domains to perform 53 HTTP transactions. The main IP is 2606:4700:130:436c:6f75:6466:6c61:7265, located in United States and belongs to CLOUDFLARENET, US. The main domain is balance.americangiftportal.app.
TLS certificate: Issued by GTS CA 1P5 on October 16th 2022. Valid for: 3 months.

This is the only time balance.americangiftportal.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.224.182.246 103.224.182.246	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	108.168.193.189 108.168.193.189	36351 (SOFTLAYER) (SOFTLAYER)
1	108.168.193.184 108.168.193.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2606:4700:303... 2606:4700:3037::ac43:91f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700:130... 2606:4700:130:436c:6f75:6466:6c61:7265	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:400... 2607:f8b0:4006:822::2003	() ()
1	173.223.180.63 173.223.180.63	() ()
1	23.54.216.203 23.54.216.203	() ()
3	2606:4700::68... 2606:4700::6812:bcf	() ()
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	() ()
7	2607:f8b0:400... 2607:f8b0:4006:816::2004	() ()
9	2600:9000:20a... 2600:9000:20aa:5000:12:94b3:c380:93a1	() ()
1	35.81.31.24 35.81.31.24	() ()
5	2607:f8b0:400... 2607:f8b0:4006:817::2003	() ()
53	15

3 103.224.182.246 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com

americanerpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

0redire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.168.193.189 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com

mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p249699.mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.184 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.c1.a86c.ip4.static.sl-reverse.com

clkdeals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:91f4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

american-getaways.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:130:436c:6f75:6466:6c61:7265 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

balance.americangiftportal.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:822::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.180.63 (None, )

ASN- ()

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.216.203 (None, )

ASN- ()

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (None, )

ASN- ()

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:816::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20aa:5000:12:94b3:c380:93a1 (None, )

ASN- ()

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (None, )

ASN- ()

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
9	ctfassets.net images.ctfassets.net	740 KB
7	google.com www.google.com	49 KB
7	americangiftportal.app 1 redirects balance.americangiftportal.app	31 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	103 KB
3	americanerpress.com 1 redirects americanerpress.com	8 KB
2	mybettermb.com 1 redirects mybettermb.com — Cisco Umbrella Rank: 50828 p249699.mybettermb.com	2 KB
2	0redire.com 1 redirects 0redire.com — Cisco Umbrella Rank: 240115	2 KB
1	kaptcha.com ssl.kaptcha.com	623 B
1	googleapis.com fonts.googleapis.com	869 B
1	aexp-static.com www.aexp-static.com	66 KB
1	evidon.com c.evidon.com	2 KB
1	american-getaways.com 1 redirects american-getaways.com	593 B
1	clkdeals.com clkdeals.com — Cisco Umbrella Rank: 231184	197 B
0	giftingapp.com Failed prod.giftingapp.com Failed
53	15

	Domain	Requested by
13	www.gstatic.com	balance.americangiftportal.app www.google.com www.gstatic.com
9	images.ctfassets.net	balance.americangiftportal.app
7	www.google.com	balance.americangiftportal.app www.google.com www.gstatic.com
7	balance.americangiftportal.app	1 redirects p249699.mybettermb.com balance.americangiftportal.app
5	fonts.gstatic.com	www.google.com
3	maxcdn.bootstrapcdn.com	balance.americangiftportal.app maxcdn.bootstrapcdn.com
3	americanerpress.com	1 redirects americanerpress.com
2	0redire.com	1 redirects americanerpress.com
1	ssl.kaptcha.com	balance.americangiftportal.app
1	fonts.googleapis.com	balance.americangiftportal.app
1	www.aexp-static.com	balance.americangiftportal.app
1	c.evidon.com	balance.americangiftportal.app
1	american-getaways.com	1 redirects
1	clkdeals.com	p249699.mybettermb.com
1	p249699.mybettermb.com	0redire.com
1	mybettermb.com	1 redirects
0	prod.giftingapp.com Failed	ssl.kaptcha.com
53	17

This site contains links to these domains. Also see Links.

Domain
www.amexgiftcard.com
www.americanexpress.com
about.americanexpress.com
www.bluebird.com
fscarddisclosures.com
info.evidon.com

Subject Issuer	Validity	Valid
entourageyearbook.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.mybettermb.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-02` - `2023-11-02`	a year	crt.sh
www.clkdeals.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2022-12-29`	a year	crt.sh
*.americangiftportal.app GTS CA 1P5	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-05-16` - `2023-05-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-18` - `2023-10-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://balance.americangiftportal.app/83414209612086035921.php
Frame ID: C77A8C2B6D37FB06C921F5838E4842D2
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mnpn06ihuqzs
Frame ID: 2F9ACB66B8B5D115C59B55B6ED5B7936
Requests: 7 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=109700&s=ae77d252480d490c86e2d981f32171c0
Frame ID: B2F376612ABD520F4FFD6783ED0F6684
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=8cb9v5ksigs4
Frame ID: 7099442784AAFA434B42D16D4010A339
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul
Frame ID: 7DF82115D4D165720E1ADCD466F9E352
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXJpY2FuZ2lmdHBvcnRhbC5hcHA6NDQz&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=mrivj32y5hjn
Frame ID: 5CBA6A619212A370B77A260137784D1F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Check Balance | American Express Gift Cards

Page URL History Show full URLs

http://americanerpress.com/ HTTP 302
https://americanerpress.com/ Page URL
http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG... HTTP 302
http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG... Page URL
https://mybettermb.com/aS/sfclick?u=d2af75be-f365-4cc8-a561-e95bedd5f1e5 HTTP 302
https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1... Page URL
https://american-getaways.com/?click=89728320670&source=373131734&sub=SA_AR HTTP 302
https://balance.americangiftportal.app/?s=89728320670 HTTP 302
https://balance.americangiftportal.app/83414209612086035921.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

53
Requests

96 %
HTTPS

53 %
IPv6

15
Domains

17
Subdomains

15
IPs

2
Countries

2135 kB
Transfer

4681 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amexgiftcard.com/
Title: Purchase Gift Cards

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/prepaid/state-licensing.html
Title: Click here

Search URL Search Domain Scan URL

URL: http://about.americanexpress.com/
Title: ABOUT AMERICAN EXPRESS

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/serve/
Title: Serve®

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/
Title: Bluebird®

Search URL Search Domain Scan URL

URL: https://fscarddisclosures.com/InComm_Accessibility_Statement.pdf
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/legal-disclosures/website-rules-and-regulations.html?inav=footer_Terms_of_Use
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/legal-disclosures/privacy-center.html?inav=footer_privacy_statement
Title: Privacy Center

Search URL Search Domain Scan URL

URL: https://info.evidon.com/pub_info/1328?v=1&nt=1&nw=true&inav=footer_adChoices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/content/fraud-protection-center/home.html?inav=footer_fraud_protection_center
Title: Security Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://americanerpress.com/ HTTP 302
https://americanerpress.com/ Page URL
http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1670360786.7883726 Page URL
https://mybettermb.com/aS/sfclick?u=d2af75be-f365-4cc8-a561-e95bedd5f1e5 HTTP 302
https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1m4t0SCdsVvE7E1V7sF6w3QI1wXuWDUHKdqHBAFRDvmyTxD2AtQ_GQ0w330KXSVnRGHV0Fkq48Ki95T84xhu3eKi7mSKo_r5numrd2LXenS0I2mLEo2wM6yuv1qvgh1rEq04d_HjP-ssmmvVPztkPV-xGd2GQswQSqbgjoEz8rVkCI60uqW_USYToy-0xlPpE0rjA6OkcMSKJKJvTbqBo0iV9jXTivKWn3G0yoMLW-Icwdj7_PF5mlV6EpDSlpemo0Akp9Crcv-OU9pilxDYVBlW9bUPBBoIiVDw76Xbaw4EFFD92a7806q8Ha86oJrI9YjFoTD-yX4c4vXg5pAHWfUKXz7vUl-LhTLYTLKyj25hWuH4VZY048EPdhGn3_C1Ps6C1tvaL70lOprw1LLhvVcG9_hEhxtCR4hX2REdVF2tDhnJJ_5PQjilpeN9ouqOkgFIIXioy0OisAjKIsa6aWJrfNvrN-lbgQZf6OVtQw6d31NRXXwmELWXUnlXw7BDyI_NBd13JdHW3oR3ILtuu0qpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V1w2o68N1MojSsCBXZHi5sjKH7xdaNgjm5CXTdmnoXVEi4OL1mnImvE_T1XpkVx2upxzf5dlqQp8yEwby-UyD8Yeln77HLWkoAeuv5TuOwLwZBKcHBt4N9C&ui=R40UBoveGXf0bBi43pBLOvbWwvziNp_1xLgNeF8Zj-jstup09bO2yGUfWe6sbDVjfpgllyQYRD7-a9u346zccLWXQ_8QuNqRoyRiLAkM2e6XWNEo81wUIA&si=1&oref=a262e0d02efbc0d949a2b29c6368e833&optunit=Ofp3sTtov4UVafMtXN1GFuiYnnC3Du8g&rb=Nghl-UgLnCY&rr=1&abtg=0 Page URL
https://american-getaways.com/?click=89728320670&source=373131734&sub=SA_AR HTTP 302
https://balance.americangiftportal.app/?s=89728320670 HTTP 302
https://balance.americangiftportal.app/83414209612086035921.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://americanerpress.com/ HTTP 302
https://americanerpress.com/

Request Chain 2

http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1670360786.7883726

Request Chain 3

https://mybettermb.com/aS/sfclick?u=d2af75be-f365-4cc8-a561-e95bedd5f1e5 HTTP 302
https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1m4t0SCdsVvE7E1V7sF6w3QI1wXuWDUHKdqHBAFRDvmyTxD2AtQ_GQ0w330KXSVnRGHV0Fkq48Ki95T84xhu3eKi7mSKo_r5numrd2LXenS0I2mLEo2wM6yuv1qvgh1rEq04d_HjP-ssmmvVPztkPV-xGd2GQswQSqbgjoEz8rVkCI60uqW_USYToy-0xlPpE0rjA6OkcMSKJKJvTbqBo0iV9jXTivKWn3G0yoMLW-Icwdj7_PF5mlV6EpDSlpemo0Akp9Crcv-OU9pilxDYVBlW9bUPBBoIiVDw76Xbaw4EFFD92a7806q8Ha86oJrI9YjFoTD-yX4c4vXg5pAHWfUKXz7vUl-LhTLYTLKyj25hWuH4VZY048EPdhGn3_C1Ps6C1tvaL70lOprw1LLhvVcG9_hEhxtCR4hX2REdVF2tDhnJJ_5PQjilpeN9ouqOkgFIIXioy0OisAjKIsa6aWJrfNvrN-lbgQZf6OVtQw6d31NRXXwmELWXUnlXw7BDyI_NBd13JdHW3oR3ILtuu0qpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V1w2o68N1MojSsCBXZHi5sjKH7xdaNgjm5CXTdmnoXVEi4OL1mnImvE_T1XpkVx2upxzf5dlqQp8yEwby-UyD8Yeln77HLWkoAeuv5TuOwLwZBKcHBt4N9C&ui=R40UBoveGXf0bBi43pBLOvbWwvziNp_1xLgNeF8Zj-jstup09bO2yGUfWe6sbDVjfpgllyQYRD7-a9u346zccLWXQ_8QuNqRoyRiLAkM2e6XWNEo81wUIA&si=1&oref=a262e0d02efbc0d949a2b29c6368e833&optunit=Ofp3sTtov4UVafMtXN1GFuiYnnC3Du8g&rb=Nghl-UgLnCY&rr=1&abtg=0

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
americanerpress.com/
Redirect Chain

http://americanerpress.com/
https://americanerpress.com/

7 KB
3 KB

995ms
655ms

Document
text/html

103.224.182.246
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://americanerpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.224.182.246 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-246.above.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 3255
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Dec 2022 21:06:24 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Dec 2022 21:06:23 GMT
Location: https://americanerpress.com/
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK swfobject.js
americanerpress.com/js/ 10 KB
4 KB 837ms
103ms Script
application/javascript 103.224.182.246
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://americanerpress.com/js/swfobject.js
Requested by: Host: americanerpress.com
URL: https://americanerpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.224.182.246 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-246.above.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://americanerpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 21:06:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Aug 2022 04:46:40 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5e57726e58c00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1

200
OK

jr.php
0redire.com/
Redirect Chain

http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJa...
http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJa...

375 B
469 B

455ms
102ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1670360786.7883726
Requested by: Host: americanerpress.com
URL: https://americanerpress.com/
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://americanerpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 240
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Dec 2022 21:06:27 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
X-JR-Code: s

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Dec 2022 21:06:26 GMT
Location: jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1670360786.7883726
Server: Apache/2.4.38 (Debian)
X-JR-Code: cr

GET
H2

200

domainClick Show response
p249699.mybettermb.com/adServe/
Redirect Chain

https://mybettermb.com/aS/sfclick?u=d2af75be-f365-4cc8-a561-e95bedd5f1e5
https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1m4t0SCdsVvE7E1V7sF6w3QI1wXuWDUHKdqHBAFRDvmyTxD2AtQ_GQ0w330KXSVnRGHV0Fkq48Ki95T84xhu3eKi7mS...

605 B
709 B

143ms
94ms

Document
text/html

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1m4t0SCdsVvE7E1V7sF6w3QI1wXuWDUHKdqHBAFRDvmyTxD2AtQ_GQ0w330KXSVnRGHV0Fkq48Ki95T84xhu3eKi7mSKo_r5numrd2LXenS0I2mLEo2wM6yuv1qvgh1rEq04d_HjP-ssmmvVPztkPV-xGd2GQswQSqbgjoEz8rVkCI60uqW_USYToy-0xlPpE0rjA6OkcMSKJKJvTbqBo0iV9jXTivKWn3G0yoMLW-Icwdj7_PF5mlV6EpDSlpemo0Akp9Crcv-OU9pilxDYVBlW9bUPBBoIiVDw76Xbaw4EFFD92a7806q8Ha86oJrI9YjFoTD-yX4c4vXg5pAHWfUKXz7vUl-LhTLYTLKyj25hWuH4VZY048EPdhGn3_C1Ps6C1tvaL70lOprw1LLhvVcG9_hEhxtCR4hX2REdVF2tDhnJJ_5PQjilpeN9ouqOkgFIIXioy0OisAjKIsa6aWJrfNvrN-lbgQZf6OVtQw6d31NRXXwmELWXUnlXw7BDyI_NBd13JdHW3oR3ILtuu0qpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V1w2o68N1MojSsCBXZHi5sjKH7xdaNgjm5CXTdmnoXVEi4OL1mnImvE_T1XpkVx2upxzf5dlqQp8yEwby-UyD8Yeln77HLWkoAeuv5TuOwLwZBKcHBt4N9C&ui=R40UBoveGXf0bBi43pBLOvbWwvziNp_1xLgNeF8Zj-jstup09bO2yGUfWe6sbDVjfpgllyQYRD7-a9u346zccLWXQ_8QuNqRoyRiLAkM2e6XWNEo81wUIA&si=1&oref=a262e0d02efbc0d949a2b29c6368e833&optunit=Ofp3sTtov4UVafMtXN1GFuiYnnC3Du8g&rb=Nghl-UgLnCY&rr=1&abtg=0
Requested by: Host: 0redire.com
URL: http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1670360786.7883726
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 64a05c403923114ae64b87c017a4bb0e6c9065158afab52104b067620a1301e3

Request headers

Referer: http://0redire.com/jr.php?gz=iWpX1%2BXCo%2F6YwcS5AwQeWn49fnM2TWxzbzVUbHRvbFZDY0JoOHErelZwQVVuOG85djNpaGNTazVtQm9vdnRTQWEzQ1pUTkxOczJVdlRCc21FQTZhQzd2b242WkdVQVh2ZzFuNS94RUxNK2h0WndrQUV3RE9jUnRuRkJaWCt4QjlDSm5xWGI5eVhmdjZGbkdzeXRSZG04eElQUS9qWFRGVWJaNmNHODZYRExWL201YUpoZHl4ZDV1VnZWdFc4anBhQlBrMStsQm5EUjhTQk8xZXBRaHprK2lqc24wbFA3VXI5Z0ljUWRTdTlIb3Z5YXo1dVJDbFYvS3lmYUJwYUJkK0xCbmpzekIwa2gvR3FoWE9DcWV6M0FLQ0R3dzRYVzNERWFyUGZSV1V3Wm9keG5DclN6MWI0TEFGaGIwcEtuVUd1VGhzRFlJSURJM2RVUVpCK2U1Nnp3ZzhaODE5ODYwZDhERmp1eTJ2dG90VTIxN0R6QlB6a0ZvZ01OUlEvc21WVlo0T0VvcVg0VnYrVm9wK0JPVG0vODgra0RkL29ydjVWVjY5MW9IRDI1cFdTVTFBUWt6M014enB0TjhTOHB0S1I3Y1pFc1F0M2FTa1VISDgrM1NLenNCeXJTMms1MHZNNEozbUVIL2xBY0tnUzFaQ1ZlK3dDQ28xNWdiTVQxNjZMNlpTS3JNQXRqNmlSU2JCWDdxaXBjZmdIMG4xU3d5NVJRT283ais2ZUNqaVpaZFA3d3V3TlBwb2lQY0tFR2dyOEdnc0xSdG8xclFCaUJqdUJTUmlyZWRyNGMzLzEzME9raXlxdWlTM0hDeUU0ODhzZklyOEFlMk9wWStsNmI5TVQ1OVo3clZhckFndGVHS2N0VGNpSHF0TUhwcmIzVWQ4N1AxZEMySmNTMFYvRmhTcmhIbG1ZdEh5QVYyQVFVZm10SXRZTlcxOVV6UGl3RWNLZ1UwUHVqUzh4TFR4QXhHd3pweHNySGkxMXNjcDNhSnMxamFhdHk1L3F1cUV6TkkyK2ZLWTVWMi9BcU1MVlhJcDJiMw%3D%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1670360786.7883726
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 06 Dec 2022 21:06:28 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Tue, 06 Dec 2022 21:06:28 GMT
location: https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1m4t0SCdsVvE7E1V7sF6w3QI1wXuWDUHKdqHBAFRDvmyTxD2AtQ_GQ0w330KXSVnRGHV0Fkq48Ki95T84xhu3eKi7mSKo_r5numrd2LXenS0I2mLEo2wM6yuv1qvgh1rEq04d_HjP-ssmmvVPztkPV-xGd2GQswQSqbgjoEz8rVkCI60uqW_USYToy-0xlPpE0rjA6OkcMSKJKJvTbqBo0iV9jXTivKWn3G0yoMLW-Icwdj7_PF5mlV6EpDSlpemo0Akp9Crcv-OU9pilxDYVBlW9bUPBBoIiVDw76Xbaw4EFFD92a7806q8Ha86oJrI9YjFoTD-yX4c4vXg5pAHWfUKXz7vUl-LhTLYTLKyj25hWuH4VZY048EPdhGn3_C1Ps6C1tvaL70lOprw1LLhvVcG9_hEhxtCR4hX2REdVF2tDhnJJ_5PQjilpeN9ouqOkgFIIXioy0OisAjKIsa6aWJrfNvrN-lbgQZf6OVtQw6d31NRXXwmELWXUnlXw7BDyI_NBd13JdHW3oR3ILtuu0qpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V1w2o68N1MojSsCBXZHi5sjKH7xdaNgjm5CXTdmnoXVEi4OL1mnImvE_T1XpkVx2upxzf5dlqQp8yEwby-UyD8Yeln77HLWkoAeuv5TuOwLwZBKcHBt4N9C&ui=R40UBoveGXf0bBi43pBLOvbWwvziNp_1xLgNeF8Zj-jstup09bO2yGUfWe6sbDVjfpgllyQYRD7-a9u346zccLWXQ_8QuNqRoyRiLAkM2e6XWNEo81wUIA&si=1&oref=a262e0d02efbc0d949a2b29c6368e833&optunit=Ofp3sTtov4UVafMtXN1GFuiYnnC3Du8g&rb=Nghl-UgLnCY&rr=1&abtg=0
server: nginx

GET
H2 200 track
clkdeals.com/adServe/ 49 B
197 B 224ms
68ms Image
image/gif 108.168.193.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clkdeals.com/adServe/track?subid=89728320670&prdid=2750&price=0
Requested by: Host: p249699.mybettermb.com
URL: https://p249699.mybettermb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.168.193.184 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: b8.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 21:06:29 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Primary Request 83414209612086035921.php Show response
balance.americangiftportal.app/
Redirect Chain

https://american-getaways.com/?click=89728320670&source=373131734&sub=SA_AR
https://balance.americangiftportal.app/?s=89728320670
https://balance.americangiftportal.app/83414209612086035921.php

62 KB
10 KB

173ms
172ms

Document
text/html

2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance.americangiftportal.app/83414209612086035921.php
Requested by: Host: p249699.mybettermb.com
URL: https://p249699.mybettermb.com/adServe/domainClick?ai=f9cIIaXjfuDIRp9QDQX5mk3eXTcl3LVmXlVVMybnhydE5OAgVj1_1m4t0SCdsVvE7E1V7sF6w3QI1wXuWDUHKdqHBAFRDvmyTxD2AtQ_GQ0w330KXSVnRGHV0Fkq48Ki95T84xhu3eKi7mSKo_r5numrd2LXenS0I2mLEo2wM6yuv1qvgh1rEq04d_HjP-ssmmvVPztkPV-xGd2GQswQSqbgjoEz8rVkCI60uqW_USYToy-0xlPpE0rjA6OkcMSKJKJvTbqBo0iV9jXTivKWn3G0yoMLW-Icwdj7_PF5mlV6EpDSlpemo0Akp9Crcv-OU9pilxDYVBlW9bUPBBoIiVDw76Xbaw4EFFD92a7806q8Ha86oJrI9YjFoTD-yX4c4vXg5pAHWfUKXz7vUl-LhTLYTLKyj25hWuH4VZY048EPdhGn3_C1Ps6C1tvaL70lOprw1LLhvVcG9_hEhxtCR4hX2REdVF2tDhnJJ_5PQjilpeN9ouqOkgFIIXioy0OisAjKIsa6aWJrfNvrN-lbgQZf6OVtQw6d31NRXXwmELWXUnlXw7BDyI_NBd13JdHW3oR3ILtuu0qpTNp5iFKPCjjDN7hxoakO8B0PF81k4VXFZ8E78-CR_0uP2HF_RImTS1V9Rt9xcBTZ2BGyX9whJ2HNq8kR-jp6x5WrgZj24V1w2o68N1MojSsCBXZHi5sjKH7xdaNgjm5CXTdmnoXVEi4OL1mnImvE_T1XpkVx2upxzf5dlqQp8yEwby-UyD8Yeln77HLWkoAeuv5TuOwLwZBKcHBt4N9C&ui=R40UBoveGXf0bBi43pBLOvbWwvziNp_1xLgNeF8Zj-jstup09bO2yGUfWe6sbDVjfpgllyQYRD7-a9u346zccLWXQ_8QuNqRoyRiLAkM2e6XWNEo81wUIA&si=1&oref=a262e0d02efbc0d949a2b29c6368e833&optunit=Ofp3sTtov4UVafMtXN1GFuiYnnC3Du8g&rb=Nghl-UgLnCY&rr=1&abtg=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043e9b5fca81d0b4bbdf82cf35cc2adfe231de06dc194152d98ff741bab8dac6

Request headers

Referer: https://p249699.mybettermb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7757fc5e9a820a3a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 21:06:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGUaHld4eRbAULZBN42wL%2FaHEgp2SEPkddImdI4iY1awBfjy8B9kvO8fsg4cb2NNsnMnq6toLn86D29L0L%2BvKo368iCsxp4NSws42fC%2BvmySA51FZsrbtMm3lUKQ6FtFzWeUc%2FDVNrAoCgScFS4BuO4KaNCXN7PFzcFLurA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7757fc5a8ab00a3a-MIA
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 21:06:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /83414209612086035921.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyAGPoqvpDMB8iLyMD8i%2FuPEcflsZ7sjyEHikvvYjxBU0P2hisrXPCXD8TtJ%2B8Ct4WWg1ktPmTAjCcWKiOxoADma5nTjMT5ICce%2BsuEsA8r7Tehd0OoQTdtUoiLPAZMm5As0kCrIQUjuSSx1u6VmsuBp7J1yC2JrESldDtc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 399 KB
160 KB 427ms
100ms Script
text/javascript 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance.americangiftportal.app/
Origin: https://balance.americangiftportal.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:28:59 GMT

GET
H2 200 tag.js Show response
c.evidon.com/pub/ 3 KB
2 KB 443ms
96ms Script
application/x-javascript 173.223.180.63

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/pub/tag.js
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 173.223.180.63 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 232fc25111f9065759d1a3ce1a2d19373cdc5903c85ebb3dc8f508d39c567bbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 19:27:31 GMT
server: AkamaiNetStorage
etag: "e9d0b4bc8cde1a2da50ac97b3cb6f9f3:1664306851.289444"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1251

GET
H3 404 gatie-Which-Feart-If-the-word-as-to-tell-dye-and
balance.americangiftportal.app/ 0
0 504ms
379ms Script
text/html 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance.americangiftportal.app/gatie-Which-Feart-If-the-word-as-to-tell-dye-and
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/83414209612086035921.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5db%2FXdlVlR8WQzwKRLbb6OTog%2FMm2zZ69oZdWxQh0XZX1hMSPQ%2FP8dNqVIacLFZbfcq7ZrubpALHo8nNkefJvZnmM3rw1MjuVAFSD%2BRMSBLLTX99DcDATx%2F4%2BquQJXvO%2FRYMP%2B7Wx3oz1%2FjuzlBvbfwjgKyA0rJ7u0M7Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 7757fc610ecbb3bf-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dls.css
www.aexp-static.com/cdaas/one/statics/axp-dls/5.4.0/package/dist/styles/ 583 KB
66 KB 766ms
127ms Stylesheet
text/css 23.54.216.203

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.4.0/package/dist/styles/dls.css
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.216.203 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 535c9e3ec9bb07fad6525cb6e51cc37cf87425efdca6ccd3b667197de60983c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
content-encoding: gzip
last-modified: Tue, 24 Oct 2017 17:20:27 GMT
etag: W/"59ef765b-91a70"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 67593

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 381ms
67ms Stylesheet
text/css 2606:4700::6812:bcf

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 674, 617, 617
age: 16741751
cdn-cachedat: 2021-04-14 03:22:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1f2cd3e01264a20ecefa4c6d0aa96f9a
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7757fc61eac08ddf-MIA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 358ms
44ms Stylesheet
text/css 2606:4700::6812:bcf

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625, 617, 617
age: 16737638
cdn-cachedat: 2021-04-13 11:37:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c09e23b24e43d1f41e3fe54141b657c8
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7757fc61eac28ddf-MIA
cdn-requestpullsuccess: True

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 400ms
89ms Stylesheet
text/css 2607:f8b0:4006:821::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 21:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 21:06:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 21:06:31 GMT

GET
H3 200 styles.css
balance.americangiftportal.app/ 268 KB
21 KB 131ms
122ms Stylesheet
text/css 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance.americangiftportal.app/styles.css
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8febb3d2f79b60dcaa4e74e91c28580acb0c3eab2b94850cfe5c9b43e9993b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/83414209612086035921.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 16:46:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 563
etag: W/"430e4-5eedb12a81d77-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZozM1Uj1HI16zkhEd0LBhvtp3ScqyHr7%2FBPZt%2Fn3B2ZBfK46O20EWkc1H%2BenfmSbpggnWHwlLG4MJNj%2FSMyKetqQyh17VFvrKk%2FJm6EvxEcZuolxyFeaeCxFiqPcNVW%2FB7lY%2F6RCt8gLE0mU66iSl8a30nw%2F7xSAwj3g1PY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7757fc601c5eb3bf-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 399ms
94ms Script
text/javascript 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&hl=en

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

997e95b9c7fac7bf68e2699007ef8efa07d738d3f84bb886539e4fa5e1e8af53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 21:06:31 GMT

GET
H2 200 dls-logo-bluebox-solid.png
images.ctfassets.net/2x5vcnvffh4i/4efchWQPD4MEMtZiO9NMTl/8fdeed89d00da7795c09a4b8e4df547d/ 3 KB
3 KB 660ms
63ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/4efchWQPD4MEMtZiO9NMTl/8fdeed89d00da7795c09a4b8e4df547d/dls-logo-bluebox-solid.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4f49092018cd7c0068ff35f4ccf26aa8ce588896fab4f23f019f9c2d792c6776

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:48:46 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Mon, 27 Apr 2020 12:01:56 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 48630
etag: "afe6efce15a3f0295b8c620f2ea97c25"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 3097
x-amz-cf-id: 9ak50og8t8QPUOxaE9zMs6Eg9ike5eCyV9ximHS8uPGPh-HhoCHbJQ==

GET
H2 200 Business_Personal_Plastic_969x1053.jpg
images.ctfassets.net/2x5vcnvffh4i/2sKc4dNBLisA4cUw40YOYm/2c807286500da2539e261589e32915c4/ 716 KB
717 KB 659ms
64ms Image
image/jpeg 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/2sKc4dNBLisA4cUw40YOYm/2c807286500da2539e261589e32915c4/Business_Personal_Plastic_969x1053.jpg
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 81aabdfed22f4f2758877091b514390c2f74d48e7b966392b10acb77a0299b3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:14:18 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 19:15:47 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 49934
etag: "b4928b8d8ec341d4d9d1de030750e4b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 733465
x-amz-cf-id: WBJt6_v2pSlTe9rfvI_yZ33HiZkND9HMacADRrNmlBaKY2s5xJ1WPA==

GET
H2 200 icon_help.png
images.ctfassets.net/2x5vcnvffh4i/3Xqrx2vwfm0wEEU4ciesCk/ba79b667aca1e21da3a407247855942b/ 2 KB
2 KB 930ms
335ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/3Xqrx2vwfm0wEEU4ciesCk/ba79b667aca1e21da3a407247855942b/icon_help.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f2e0fb3459f3a768d576380f5049cd28037715dcd2e460dde52d9cdbbfd35706

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 08:35:11 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 15:23:43 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 45081
etag: "53623a61a96217675ad3ba230d4afa62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1580
x-amz-cf-id: SK9YzeDLkUfte24sIoAxHEJ8qaqrXos8XCWgJ9cVxV_IOuPTCwNJdg==

GET
H2 200 icon_NoFees.png
images.ctfassets.net/2x5vcnvffh4i/4rwamdB0p2S8qcsOYE8w6S/6e530a127726abee3ae56a4f95c46ae6/ 2 KB
3 KB 656ms
67ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/4rwamdB0p2S8qcsOYE8w6S/6e530a127726abee3ae56a4f95c46ae6/icon_NoFees.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3b2f17aad77e6930f34a34e57c08b3a12685ba8cee09b56ac0deb001c17ea5be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 16:56:07 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 21:11:04 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 15105
etag: "a080acaf92deca79ef995d43a41cd7de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 2420
x-amz-cf-id: _CHgqp39zsVj5OBZJSzNXGxlx3g7QjKd5cwPeblbFqQUC7m1H8p4nQ==

GET
H2 200 icon_lock.png
images.ctfassets.net/2x5vcnvffh4i/3jGx0WfQAM2YcE0WE8yAOu/1896fe9a8ae21f57aa336f9c5adfc51b/ 2 KB
2 KB 663ms
74ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/3jGx0WfQAM2YcE0WE8yAOu/1896fe9a8ae21f57aa336f9c5adfc51b/icon_lock.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ed81e45122fdcebe6f60893184eb694f95ef50ff21f8ed64dafe9aabdfedd334

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 08:56:53 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 21:12:07 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 43779
etag: "39bdadcd1dff219821023e21b2b7ee7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1540
x-amz-cf-id: 7cgrAfmjJciD_NaNnDE-cWbuxC_bqmrFB7g4jVlGmKpKco8wJ2OkDg==

GET
H2 200 icon_calendar.png
images.ctfassets.net/2x5vcnvffh4i/1BYogMdXEokCyyIsuMomEI/8f48a7eaf56dd63a2a61ae12720b7420/ 2 KB
2 KB 669ms
81ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/1BYogMdXEokCyyIsuMomEI/8f48a7eaf56dd63a2a61ae12720b7420/icon_calendar.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0e7f3d783a8d5e8444d64f172c9b0fee2955c2022e7bf7e20557dfc6104f6fc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:11:54 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 21:13:25 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 51348
etag: "6e7f9dc967c636e04d00a550f8553965"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1553
x-amz-cf-id: -X0FZxGaMwULQyP5InLJUv4Rk2gVZmLlGFyWVhPamk66q_Nu11OIRg==

GET
H2 200 icon_favorite.png
images.ctfassets.net/2x5vcnvffh4i/1IO1iixaawkmuIimc64qQG/0916ee90328a0f17c21b2d677ddc8f43/ 2 KB
2 KB 375ms
347ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/1IO1iixaawkmuIimc64qQG/0916ee90328a0f17c21b2d677ddc8f43/icon_favorite.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 8e141dba9716750949e2c5b89114f9112ca373aed6c117056d8eebdc9fe29a82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:00:55 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 21:16:04 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 50737
etag: "c896c96eed8d28fcfd5eaf755492c852"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 2106
x-amz-cf-id: 5G8sVao6sHlp7oW1R9HGCTyaNPzxZqbXV2_Ygs_gOxHcP7rCK1unYA==

GET
H2 200 footer_logo.png
images.ctfassets.net/2x5vcnvffh4i/19EIZ2aDXtRalxSIA5bHHB/2302017e4f19a2192d7dd980e514aaaf/ 6 KB
7 KB 374ms
345ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/19EIZ2aDXtRalxSIA5bHHB/2302017e4f19a2192d7dd980e514aaaf/footer_logo.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: bb4ae5a198e189f19b22b17d7550fdc0284f986f927f6e56c6c745d285220be9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 13:17:21 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Mon, 15 Mar 2021 19:25:32 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 28447
etag: "cc2cd4f92aca834a4a024842fe895e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 6364
x-amz-cf-id: rs-wuyMXQvdr3PBvGoxvH0eFvLLkqjyArEQbtldgyVA5nwtOwe2P2Q==

GET
H2 200 icon_AdChoices.png
images.ctfassets.net/2x5vcnvffh4i/twmilMSVJ6KkA0GOAWsyu/cf0a4b62b36d46d19e729bfd9477923e/ 1 KB
2 KB 617ms
588ms Image
image/png 2600:9000:20aa:5000:12:94b3:c380:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/2x5vcnvffh4i/twmilMSVJ6KkA0GOAWsyu/cf0a4b62b36d46d19e729bfd9477923e/icon_AdChoices.png
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:5000:12:94b3:c380:93a1 -, , ASN (),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 325348b3b31255f0cffcf0a8b5fd544322eef92d7fa74b72abd9c4a693dc8c51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://balance.americangiftportal.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 08:40:44 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2020 19:53:49 GMT
server: Contentful Images API
x-amz-cf-pop: IAD89-C2
age: 44748
etag: "7ba6066d755bec79915007894e1195bc"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1236
x-amz-cf-id: f5PZJ6mVYO-DKEUs7mmnUPBJrMdpK3fxaRpM4dvzWpWkWY2WTDFzAg==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2F9A 45 KB
24 KB 502ms
0ms Document
text/html 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mnpn06ihuqzs

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

adb96965f6f793a656302e8a67bf8cab5ed9aa35906adf929722c6122316a07b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LcO0UmLBQ3JZQiPwfzlOAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://balance.americangiftportal.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 24256
content-security-policy: script-src 'report-sample' 'nonce-LcO0UmLBQ3JZQiPwfzlOAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:06:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame B2F3 169 B
623 B 579ms
120ms Document
text/html 35.81.31.24

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=109700&s=ae77d252480d490c86e2d981f32171c0
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed7d7e72e46655e62e24fbd55493a82991ea2158b1dd38d6510ce648765ac83d

Request headers

Referer: https://balance.americangiftportal.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Length: 169
Content-Type: text/html
Date: Tue, 06 Dec 2022 21:06:32 GMT
Expires: 0
Pragma: no-cache
X-Correlation-Id: 13d5284b-1cf5-4d82-aaa0-041a0a6f2d82

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7099 42 KB
22 KB 517ms
144ms Document
text/html 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=8cb9v5ksigs4

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

cbda586e57c8a06d0f975d0f11e6e2e4d0d83758b1dacfc949a9915a15dfc053

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r1SZTCg0N__jJ_y4fBdXvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://balance.americangiftportal.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22253
content-security-policy: script-src 'report-sample' 'nonce-r1SZTCg0N__jJ_y4fBdXvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:06:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7DF8 7 KB
1 KB 456ms
86ms Document
text/html 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul

Requested by

Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/83414209612086035921.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

9b97f886b3d7b706ee6ed43c9ecf02500f9fdf49ee9420fca2eeee7665e5efb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jCJ6bg863v_Nvt8tdZ1rlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://balance.americangiftportal.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-jCJ6bg863v_Nvt8tdZ1rlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:06:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 2F9A 52 KB
24 KB 395ms
126ms Stylesheet
text/css 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mnpn06ihuqzs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 16:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 16:59:12 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 2F9A 399 KB
159 KB 447ms
179ms Script
text/javascript 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:28:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 7DF8 52 KB
24 KB 231ms
113ms Stylesheet
text/css 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 16:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 16:59:12 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 7DF8 399 KB
159 KB 253ms
135ms Script
text/javascript 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:28:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 7099 52 KB
24 KB 188ms
120ms Stylesheet
text/css 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=8cb9v5ksigs4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 16:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 16:59:12 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 7099 399 KB
159 KB 224ms
160ms Script
text/javascript 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:28:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:28:59 GMT

GET fullLogo.gif
prod.giftingapp.com/img/ Frame B2F3 0
0

GET
H3 404 BentonSans-Regular.a20f0f5561b3c69fec54.woff
balance.americangiftportal.app/ 0
0 326ms
305ms Font
text/html 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance.americangiftportal.app/BentonSans-Regular.a20f0f5561b3c69fec54.woff
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://balance.americangiftportal.app/styles.css
Origin: https://balance.americangiftportal.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Re5vTVnqtwc4BYFWgVHO3yanz6PdQLb%2F5213LYiqzhwlXIlkrxhhetG6Mr%2F8rsLe2fMF4mNl4EvpRBC%2Fpej%2BRRQc3mfIprXeOyq4lGcmLKCrrsUKBe%2F8ujCUMJPqVwZJJ7q1V7IekwL6M9NP%2BSEuddFtEqpnCN%2FZXQc03k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7757fc675efbb3bf-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Arial.75400f069595b41e88ac.woff
balance.americangiftportal.app/ 0
0 337ms
316ms Font
text/html 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance.americangiftportal.app/Arial.75400f069595b41e88ac.woff
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://balance.americangiftportal.app/styles.css
Origin: https://balance.americangiftportal.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di60tnT6nWwUNGPmfidwo3mdmG6IcLVNyMXC5tkHaKiN%2BGz33mI0hHQmqZu7shIKFTLVHoq5vSYzcXxuq0cqDdrY8otHdFIne3a9ffa8uW6Le%2B3ZfyZcW9ybGHPzGAerm7NtT2p2Z%2Bgraa3X0FzGjquSsrX7ydVCfJBx3L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7757fc675efeb3bf-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 HelveticaNeue.a858f925b333458f7915.woff
balance.americangiftportal.app/ 0
0 331ms
314ms Font
text/html 2606:4700:130:436c:6f75:6466:6c61:7265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://balance.americangiftportal.app/HelveticaNeue.a858f925b333458f7915.woff
Requested by: Host: balance.americangiftportal.app
URL: https://balance.americangiftportal.app/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:130:436c:6f75:6466:6c61:7265 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://balance.americangiftportal.app/styles.css
Origin: https://balance.americangiftportal.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85JWiYkPrrsG4ZqahvZYQi8LPT1pFA7HxYek8qCPhIhcFqUe5oEoyxa8QsTq8%2FCPjXo4B2l8Rd%2FiaziH7drS%2FjCdiuK8ja4kSN9lzG0dC1J4c6egLblrm5BxM021Wl7wVgy3bZj31I5KbPYyZv1u6uzKStGGM9KKgCLa7EY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7757fc677f46b3bf-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 171ms
67ms Font
font/woff2 2606:4700::6812:bcf

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://balance.americangiftportal.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
cdn-cachedat: 09/03/2022 05:37:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4f818c925dbd7ce0cfa97258ea639a7a
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7757fc680ac08db2-MIA
cdn-requestpullsuccess: True

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ 401 KB
159 KB 375ms
76ms Script
text/javascript 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://balance.americangiftportal.app/
Origin: https://balance.americangiftportal.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163011
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:36:20 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2F9A 2 KB
2 KB 83ms
69ms Image
image/png 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 38743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Dec 2022 10:20:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F9A 15 KB
16 KB 234ms
66ms Font
font/woff2 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 583145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 03:07:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F9A 15 KB
15 KB 249ms
81ms Font
font/woff2 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:00:33 GMT
x-content-type-options: nosniff
age: 367560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 15:00:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2F9A 102 B
133 B 88ms
87ms Other
text/javascript 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8-NMUAAAAACMEk2eSUjwunKk270W70pvTXKul&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mnpn06ihuqzs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 21:06:33 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7099 2 KB
2 KB 74ms
73ms Image
image/png 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 38743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Dec 2022 10:20:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7099 15 KB
15 KB 206ms
67ms Font
font/woff2 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 583146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 03:07:28 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7099 15 KB
15 KB 237ms
99ms Font
font/woff2 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:00:33 GMT
x-content-type-options: nosniff
age: 367561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 15:00:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7099 102 B
133 B 96ms
95ms Other
text/javascript 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXhnaWZ0Y2FyZC5jb206NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=8cb9v5ksigs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 21:06:34 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5CBA 7 KB
1 KB 93ms
89ms Document
text/html 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXJpY2FuZ2lmdHBvcnRhbC5hcHA6NDQz&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=mrivj32y5hjn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

07c396d4d694f1b9036d228983177e71ebf2c0e3052974fac4469099b71e5481

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qt_begwT_YA93ZpEzONuww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://balance.americangiftportal.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1052
content-security-policy: script-src 'report-sample' 'nonce-qt_begwT_YA93ZpEzONuww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:06:34 GMT
expires: Tue, 06 Dec 2022 21:06:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 5CBA 52 KB
24 KB 77ms
66ms Stylesheet
text/css 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXJpY2FuZ2lmdHBvcnRhbC5hcHA6NDQz&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=mrivj32y5hjn

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 06:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 06:16:00 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 5CBA 401 KB
159 KB 81ms
71ms Script
text/javascript 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXJpY2FuZ2lmdHBvcnRhbC5hcHA6NDQz&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=mrivj32y5hjn

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163011
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 18:36:20 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5CBA 2 KB
2 KB 83ms
82ms Image
image/png 2607:f8b0:4006:822::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 38744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Dec 2022 10:20:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CBA 15 KB
15 KB 80ms
79ms Font
font/woff2 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHaWwfAAAAAPWSZHeXnHmXMX3-4w2NkAQwyJcZ&co=aHR0cHM6Ly9iYWxhbmNlLmFtZXJpY2FuZ2lmdHBvcnRhbC5hcHA6NDQz&hl=en&v=kIwrVVm2NtNiYWIMfmAv61AP&size=invisible&cb=mrivj32y5hjn

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 583146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 03:07:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prod.giftingapp.com
URL: https://prod.giftingapp.com/img/fullLogo.gif

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
americanerpress.com/	1970-01-20 17:35:20	Name: __tad Value: 1670360783.2065242
0redire.com/	1970-01-20 17:35:20	Name: __tad Value: 1670360786.7883726
.mybettermb.com/	1970-01-20 12:18:32	Name: rhid Value: 82503930805
.mybettermb.com/	1970-01-20 07:59:24	Name: loi Value: ad_1206037_off_649801_aff_90840_cid_249699-1652317697_ts_1670360788
american-getaways.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 62j3t5l3ont5mtqt2cb5tnc1hl
balance.americangiftportal.app/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9b88925qflmhnp9fpe3hm1ia5i
ssl.kaptcha.com/	1970-01-20 10:08:56	Name: k Value: 14e2a9fb28f04ec8b37037db962d4904

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://balance.americangiftportal.app/gatie-Which-Feart-If-the-word-as-to-tell-dye-and Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://prod.giftingapp.com/img/fullLogo.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://balance.americangiftportal.app/BentonSans-Regular.a20f0f5561b3c69fec54.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://balance.americangiftportal.app/Arial.75400f069595b41e88ac.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://balance.americangiftportal.app/HelveticaNeue.a858f925b333458f7915.woff Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js(Line 227) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://balance.amexgiftcard.com') does not match the recipient window's origin ('https://balance.americangiftportal.app').
security	error	URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js(Line 227) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://balance.amexgiftcard.com') does not match the recipient window's origin ('https://balance.americangiftportal.app').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0redire.com
american-getaways.com
americanerpress.com
balance.americangiftportal.app
c.evidon.com
clkdeals.com
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
maxcdn.bootstrapcdn.com
mybettermb.com
p249699.mybettermb.com
prod.giftingapp.com
ssl.kaptcha.com
www.aexp-static.com
www.google.com
www.gstatic.com
prod.giftingapp.com
103.224.182.206
103.224.182.246
108.168.193.184
108.168.193.189
173.223.180.63
23.54.216.203
2600:9000:20aa:5000:12:94b3:c380:93a1
2606:4700:130:436c:6f75:6466:6c61:7265
2606:4700:3037::ac43:91f4
2606:4700::6812:bcf
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2003
35.81.31.24
02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0
043e9b5fca81d0b4bbdf82cf35cc2adfe231de06dc194152d98ff741bab8dac6
07c396d4d694f1b9036d228983177e71ebf2c0e3052974fac4469099b71e5481
0e7f3d783a8d5e8444d64f172c9b0fee2955c2022e7bf7e20557dfc6104f6fc7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
232fc25111f9065759d1a3ce1a2d19373cdc5903c85ebb3dc8f508d39c567bbf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
325348b3b31255f0cffcf0a8b5fd544322eef92d7fa74b72abd9c4a693dc8c51
3b2f17aad77e6930f34a34e57c08b3a12685ba8cee09b56ac0deb001c17ea5be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4f49092018cd7c0068ff35f4ccf26aa8ce588896fab4f23f019f9c2d792c6776
535c9e3ec9bb07fad6525cb6e51cc37cf87425efdca6ccd3b667197de60983c0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
64a05c403923114ae64b87c017a4bb0e6c9065158afab52104b067620a1301e3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81aabdfed22f4f2758877091b514390c2f74d48e7b966392b10acb77a0299b3a
898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0
8e141dba9716750949e2c5b89114f9112ca373aed6c117056d8eebdc9fe29a82
997e95b9c7fac7bf68e2699007ef8efa07d738d3f84bb886539e4fa5e1e8af53
9b97f886b3d7b706ee6ed43c9ecf02500f9fdf49ee9420fca2eeee7665e5efb0
adb96965f6f793a656302e8a67bf8cab5ed9aa35906adf929722c6122316a07b
bb4ae5a198e189f19b22b17d7550fdc0284f986f927f6e56c6c745d285220be9
cbda586e57c8a06d0f975d0f11e6e2e4d0d83758b1dacfc949a9915a15dfc053
ce8febb3d2f79b60dcaa4e74e91c28580acb0c3eab2b94850cfe5c9b43e9993b
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3
ed7d7e72e46655e62e24fbd55493a82991ea2158b1dd38d6510ce648765ac83d
ed81e45122fdcebe6f60893184eb694f95ef50ff21f8ed64dafe9aabdfedd334
f2e0fb3459f3a768d576380f5049cd28037715dcd2e460dde52d9cdbbfd35706
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

balance.americangiftportal.app Open in urlscan Pro 2606:4700:130:436c:6f75:6466:6c61:7265 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

53 %IPv6

15 Domains

17 Subdomains

15 IPs

2 Countries

2135 kBTransfer

4681 kBSize

7 Cookies

10 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

balance.americangiftportal.app Open in urlscan Pro
2606:4700:130:436c:6f75:6466:6c61:7265 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

53 %
IPv6

15
Domains

17
Subdomains

15
IPs

2
Countries

2135 kB
Transfer

4681 kB
Size

7
Cookies

53 HTTP transactions
0 data transactions