urlscan.io logo urlscan.io
SecurityTrails logo

hadiahspin.pro Open in urlscan Pro
2a02:4780:3:1334:0:378f:b725:10  Public Scan

Go To Rescan Add Verdict Report
URL: https://hadiahspin.pro/
Submission: On September 03 via api from BE — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 2a02:4780:3:1334:0:378f:b725:10, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is hadiahspin.pro.
TLS certificate: Issued by R11 on August 31st 2024. Valid for: 3 months.
This is the only time hadiahspin.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a02:4780:3:1... 47583 (AS-HOSTINGER)
3 2404:6800:400... 15169 (GOOGLE)
2 104.16.160.145 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
2 157.240.15.13 32934 (FACEBOOK)
1 104.17.111.223 13335 (CLOUDFLAR...)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 104.21.235.70 13335 (CLOUDFLAR...)
16 8
3    2a02:4780:3:1334:0:378f:b725:10 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
hadiahspin.pro
3    2404:6800:4003:c11::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    2404:6800:4003:c02::71 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.15.13 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
1    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
onesignal.com
2    2a03:2880:f10c:381:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.21.235.70 (None, )

ASN13335 (CLOUDFLARENET, US)
iili.io
Apex Domain
Subdomains		 Transfer
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
66 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
248 KB
3 hadiahspin.pro
hadiahspin.pro
2 MB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
70 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 iili.io
iili.io — Cisco Umbrella Rank: 28319
49 KB
16 7
Domain Requested by
3 www.googletagmanager.com hadiahspin.pro
3 hadiahspin.pro hadiahspin.pro
2 www.facebook.com hadiahspin.pro
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
2 cdn.onesignal.com hadiahspin.pro
cdn.onesignal.com
1 iili.io
1 onesignal.com cdn.onesignal.com
16 8

This site contains no links.

Subject Issuer Validity Valid
hadiahspin.pro
R11		 2024-08-31 -
2024-11-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.onesignal.com
WE1		 2024-09-02 -
2024-12-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-12 -
2024-09-10		 3 months crt.sh
onesignal.com
WE1		 2024-09-02 -
2024-12-01		 3 months crt.sh
iili.io
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hadiahspin.pro/
Frame ID: 8B3148C274D5E0F14DB1C5E4E7A5825B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Alow / Izinkan Notif untuk claim hadiah!

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

2132 kB
Transfer

3025 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hadiahspin.pro/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:1334:0:378f:b725:10 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.2.16
Resource Hash
a7d24ab6f96d36af2677e5f1566e48dc4e3a8ff9838a683d417ec544bce4afdf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 06:04:08 GMT
panel
hpanel
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.2.16
js
www.googletagmanager.com/gtag/ 		309 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WKRZRWZMSV
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe72604db573b5e4de1c9aa4502cf17270bb8f395dab6c69d75e65a2182515d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104708
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 06:04:09 GMT
55.gif
hadiahspin.pro/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hadiahspin.pro/55.gif
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:1334:0:378f:b725:10 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aaf99a6637e75344064f3ee50db1920ecf9d97ac9ca866047df5e597f7aff172
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:08 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 31 Aug 2024 13:13:14 GMT
server
LiteSpeed
panel
hpanel
etag
"19834b-66d316ea-3ade4c6c432f3d13;;;"
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1672011
expires
Tue, 10 Sep 2024 06:04:08 GMT
ceklis1.png
hadiahspin.pro/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hadiahspin.pro/ceklis1.png
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:1334:0:378f:b725:10 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
53158fad5e2c91783f07813ab68a3ad76eb780483b77ace45a52e94371211e52
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:08 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 31 Aug 2024 10:29:49 GMT
server
LiteSpeed
panel
hpanel
etag
"e07b-66d2f09d-dc69ae62a02b0f48;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
57467
expires
Tue, 10 Sep 2024 06:04:08 GMT
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
797
etag
W/"19fb0fd50e69d6b97e1badc837a6dff2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8bd38a6c7966ce1e-SIN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 06 Sep 2024 06:04:09 GMT
gtm.js
www.googletagmanager.com/ 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ8Z8QBZ
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcf056744f6d03913975f9d5b2ca428cc713d5ece3c96ec9a53b684334ff274c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67169
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 06:04:09 GMT
gtm.js
www.googletagmanager.com/ 		232 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TMPRCCNQ
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4797ba400d2ee56d58c799e0deb18f9d7a975906d3e4e3574935287a27992ced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81927
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 06:04:09 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WKRZRWZMSV&gtm=45je48s0v9175517659za200&_p=1725343449004&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=553748839.1725343449&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725343449&sct=1&seg=0&dl=https%3A%2F%2Fhadiahspin.pro%2F&dt=Alow%20%2F%20Izinkan%20Notif%20untuk%20claim%20hadiah!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=257
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKRZRWZMSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 06:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hadiahspin.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 		259 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3130
etag
W/"2d5effdf1f67f3d889acd0f923ae833f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8bd38a6d2c5cce1e-SIN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 06 Sep 2024 06:04:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMPRCCNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 03 Sep 2024 06:04:09 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4296, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
D3/h+afSjsHSowMbB5m2n5RWp1DFxTqldUw3gvFsObbANDfgCuRsOkEdcO8Y7PljUTiYQpYn4eeVbfXqJmNlyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
web
onesignal.com/api/v1/sync/b5458f71-ed6c-44ad-89df-e0cc2dd49df9/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/b5458f71-ed6c-44ad-89df-e0cc2dd49df9/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565a7ee47b62ebf3a0ab99366dd789976e4ba7b0bdc3aa49e3c635b7a387ad29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:09 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c5509707-9fe4-47e9-8ee0-e88e243f52a5
x-runtime
0.050400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"565a7ee47b62ebf3a0ab99366dd78997"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8bd38a6ded634073-SIN
access-control-allow-headers
SDK-Version
expires
Tue, 03 Sep 2024 07:04:09 GMT
746288743972793
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/746288743972793?v=2.9.166&r=stable&domain=hadiahspin.pro&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
cd2f33c4dd00b3551ee96fccbd8f3ed84a8f1a59a61cf2d0b197de29ef812054
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 03 Sep 2024 06:04:09 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=68, mss=1232, tbw=66934, tp=63, tpl=0, uplat=308, ullat=0
pragma
public
x-fb-debug
Do2lfqrWVttCY3Mz/kEW1mMs5ze9oD8gw6nN/hvISUNJJFUlTnjv2ubtTEOAyU1wPmls4A04Y2V6xbgTZfWYEA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=746288743972793&ev=PageView&dl=https%3A%2F%2Fhadiahspin.pro%2F&rl=&if=false&ts=1725343449605&cd[event_name]=PageView&cd[first_party_collection]=true&sw=1600&sh=1200&ud[cn]=64ffdd11de6ad74f42e76bb25404883522593ffa8d9ab2c7ab585d377349bb77&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1725343449604.96559435944773438&ler=empty&cdl=API_unavailable&it=1725343449264&coo=false&eid=1725343449169.712412.1&tm=1&rqm=GET
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=1, c=10, mss=1297, tbw=2835, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 03 Sep 2024 06:04:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=746288743972793&ev=PageView&dl=https%3A%2F%2Fhadiahspin.pro%2F&rl=&if=false&ts=1725343449605&cd[event_name]=PageView&cd[first_party_collection]=true&sw=1600&sh=1200&ud[cn]=64ffdd11de6ad74f42e76bb25404883522593ffa8d9ab2c7ab585d377349bb77&v=2.9.166&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1725343449604.96559435944773438&ler=empty&cdl=API_unavailable&it=1725343449264&coo=false&eid=1725343449169.712412.1&tm=1&rqm=FGET
Requested by
Host: hadiahspin.pro
URL: https://hadiahspin.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 03 Sep 2024 06:04:09 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410293688887676881", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=2, c=14, mss=1297, tbw=3152, tp=-1, tpl=-1, uplat=291, ullat=0
pragma
no-cache
x-fb-debug
NklmlpM3SNesacw1y4i0utdRIhrfdJ/qJdULbVClIORDipmcH6moq4zpaxSLYl3raDda8hODsG71xMxwifnRKA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410293688887676881"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
JRWqE0J.webp
iili.io/ 		49 KB
49 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://iili.io/JRWqE0J.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5933820ac59e1e586d3fc3e7647cf79d83349d2eaa5b328da70d89291280fb8d

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 06:04:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
50036
last-modified
Wed, 27 Dec 2023 08:47:07 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XssTDDjnbFAOHsDmW4PVBuLEe2Qub7FQr7qJo%2BSFVH%2FeRwRxt6oBqUJmvW71JemRoF4cWMMaRBnyFwxZ1YmsGLicQPFSMSawCMN7%2FSHoKbAcWzk061vdC40B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8bd38a72ca02ce4a-SIN
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WKRZRWZMSV&gtm=45je48s0v9175517659za200&_p=1725343449004&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=553748839.1725343449&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1725343449&sct=1&seg=0&dl=https%3A%2F%2Fhadiahspin.pro%2F&dt=Alow%20%2F%20Izinkan%20Notif%20untuk%20claim%20hadiah!&en=scroll&epn.percent_scrolled=90&_et=30&tfd=5293
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKRZRWZMSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://hadiahspin.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 06:04:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hadiahspin.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| showCustomPopup function| OneSignalDeferred function| subscribeUser function| subscribeToNotifications object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| _randomPageId function| fbq function| _fbq object| _fbq_gtm_ids number| __oneSignalSdkLoadCount function| OneSignal function| __jp0

4 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: qz.Ur.ms6dTZvpR6pSoHcKr3DX36tzKnIQQm_DigsN8-1725343449-1.0.1.1-NeTCk8B0_9x8iieKDQlMUX5tZkp76dPlY5HaQwSEV_tP096RkstBelCNdRTnP4DuAxqE9MuHS93WmR_7kdCcIg
.hadiahspin.pro/ Name: _ga
Value: GA1.1.553748839.1725343449
.hadiahspin.pro/ Name: _ga_WKRZRWZMSV
Value: GS1.1.1725343449.1.0.1725343449.0.0.0
.hadiahspin.pro/ Name: _fbp
Value: fb.1.1725343449604.96559435944773438

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests