claimthisnow.net Open in urlscan Pro
185.128.34.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://echo3.bluehornet.com/ct/54838435:W1zI2OvEN:m:1:2181078060:C3794C336A0742C9B000000370830B5C:r
Effective URL:
https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINN...
Submission: On April 08 via manual (April 8th 2020, 7:01:34 pm UTC) from GB

Summary HTTP 55 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 55 HTTP transactions. The main IP is 185.128.34.116, located in Netherlands and belongs to EUROFIBER-UNET EUROFIBER / UNET Network, NL. The main domain is claimthisnow.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 4th 2020. Valid for: 3 months.

This is the only time claimthisnow.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.213.175.228 34.213.175.228	16509 (AMAZON-02) (AMAZON-02)
1	178.255.74.102 178.255.74.102	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
1 1	212.32.252.72 212.32.252.72	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2606:4700:303... 2606:4700:3031::681f:5f75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	185.128.34.116 185.128.34.116	29396 (EUROFIBER...) (EUROFIBER-UNET EUROFIBER / UNET Network)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	2600:9000:215... 2600:9000:2156:be00:2:7bf5:a0c0:21	16509 (AMAZON-02) (AMAZON-02)
1	94.228.142.45 94.228.142.45	41887 (PROLOCATI...) (PROLOCATION Transit policy pref 100)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
3	185.128.34.117 185.128.34.117	29396 (EUROFIBER...) (EUROFIBER-UNET EUROFIBER / UNET Network)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
12	2600:9000:20e... 2600:9000:20eb:7000:b:413c:b700:93a1	16509 (AMAZON-02) (AMAZON-02)
55	16

1 34.213.175.228 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-175-228.us-west-2.compute.amazonaws.com

echo3.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.255.74.102 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
PTR: oleggiocastello.espotter.net

affiliate.across.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.72 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.digitaldatadock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::681f:5f75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.trlxcf02.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 185.128.34.116 (Netherlands)

ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL)

claimthisnow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:be00:2:7bf5:a0c0:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

djjcyqvteia9v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.228.142.45 (Netherlands)

ASN41887 (PROLOCATION Transit policy pref 100, NL)

ehawk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.128.34.117 (Netherlands)

ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL)

bevestignu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:20eb:7000:b:413c:b700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.cloudcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	claimthisnow.net claimthisnow.net	743 KB
12	cloudcnt.com cdn.cloudcnt.com	129 KB
4	google-analytics.com 1 redirects www.google-analytics.com	42 KB
3	bevestignu.net bevestignu.net	72 KB
3	gstatic.com fonts.gstatic.com	31 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	36 KB
2	trlxcf02.com 1 redirects click.trlxcf02.com	3 KB
1	ad-score.com data.ad-score.com	722 B
1	doubleclick.net stats.g.doubleclick.net	102 B
1	ehawk.net ehawk.net	14 KB
1	cloudfront.net 1 redirects djjcyqvteia9v.cloudfront.net	296 B
1	jquery.com code.jquery.com	30 KB
1	googleapis.com fonts.googleapis.com	1010 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	digitaldatadock.com 1 redirects track.digitaldatadock.com	252 B
1	across.it affiliate.across.it	918 B
1	bluehornet.com 1 redirects echo3.bluehornet.com	761 B
55	18

	Domain	Requested by
22	claimthisnow.net	claimthisnow.net
12	cdn.cloudcnt.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	bevestignu.net	claimthisnow.net
3	fonts.gstatic.com	claimthisnow.net
3	maxcdn.bootstrapcdn.com	claimthisnow.net
2	click.trlxcf02.com	1 redirects
1	data.ad-score.com	claimthisnow.net
1	stats.g.doubleclick.net
1	ehawk.net	claimthisnow.net
1	djjcyqvteia9v.cloudfront.net	1 redirects
1	code.jquery.com	claimthisnow.net
1	fonts.googleapis.com	claimthisnow.net
1	www.googletagmanager.com	claimthisnow.net
1	cdn.onesignal.com	claimthisnow.net
1	track.digitaldatadock.com	1 redirects
1	affiliate.across.it
1	echo3.bluehornet.com	1 redirects
55	18

This site contains links to these domains. Also see Links.

Domain
unsubscribe.portal-leads.eu
pmdsc.co.uk
www.aliceoffersyou.com
www.economyenergy.co.uk
www.scottishpower.co.uk
emnetwork.dk
tladm.co.uk
www.nabuhenergy.co.uk
www.boostpower.co.uk
www.mygreenstarenergy.com
orbitenergy.co.uk
www.carphonewarehouse.com
www.inboxagency.com
www.lead365.co.uk
utilita.co.uk
www.claimshelpdesk.co.uk
www.gogroopie.com
www.discountexperts.com
www.homeimprovementquotes.co.uk
www.sky.com
adviceglobal.com.mt
www.affilihub.com
www.clicklabsgroup.com
www.smartinsurance.co.uk
www.webreathemedia.com
www.hotmeetups.com
www.esbenergy.co.uk
www.mortgageadviceservices.co.uk
www.advisorynetwork.co.uk
www.globalappliancecare.com
www.mydealtracker.co.uk
homeshielddirect.co.uk
www.diabetes.org.uk
www.evasonfildes.com
www.utilityswitching.co.uk
www.o2.co.uk
www.dignityfunerals.co.uk
www.rituals.com
wowpage.co.uk
getprotect.co.uk
www.bt.com
www.neptisuk.com
healthierintermediaries.com
concordfuneralplan.com
permissionmedia.co.uk
bulb.co.uk
lapapp-international.com
www.shellenergy.co.uk
octopus.energy
www.jobgrabba.com
www.outspot.be
hasslefreeboilers.com
www.moneyresults.com
sptwo.com
www.miranda-clairvoyant.com
veriform.digital
www.v4telecom.co.uk
pinnaclelife.co.uk
www.yourlifemadeeeasy.today
audienceserv.com
www.amazon.nl
www.dissolvedebt.co.uk

Subject Issuer	Validity	Valid
www.ediscom.it GlobalSign Organization Validation CA - SHA256 - G2	`2019-03-11` - `2021-03-11`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-02` - `2020-10-09`	10 months	crt.sh
claimthisnow.net Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.ehawk.net Sectigo RSA Domain Validation Secure Server CA	`2020-01-13` - `2021-01-13`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
bevestignu.net Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2019-09-02` - `2020-11-01`	a year	crt.sh
*.cloudcnt.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Frame ID: 0D7129A31037B9A8E0CA77D6C401AF07
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://track.digitaldatadock.com/click?pid=14&offer_id=1291&sub1=yhn5grqaor3brwci30qC286576304 HTTP 302
https://click.trlxcf02.com/click/WoOsEyasjWWuGl9ZFg?affid=102449&c1=5e8e1f69ad315e00012f87e2&c3=14_&c6=... HTTP 302
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dq... Page URL
https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publi... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_dav (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

55
Requests

100 %
HTTPS

63 %
IPv6

18
Domains

18
Subdomains

16
IPs

5
Countries

1132 kB
Transfer

2404 kB
Size

5
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: http://unsubscribe.portal-leads.eu/
Title: here

Search URL Search Domain Scan URL

URL: https://pmdsc.co.uk/PMDSC_Privacy_Policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.aliceoffersyou.com/terms-and-conditions/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.economyenergy.co.uk/helpful-information/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.scottishpower.co.uk/legal/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://emnetwork.dk/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://tladm.co.uk/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.nabuhenergy.co.uk/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.boostpower.co.uk/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.mygreenstarenergy.com/about-us/terms-conditions
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://orbitenergy.co.uk/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.carphonewarehouse.com/terms-and-conditions/privacy-policy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.inboxagency.com/
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://www.lead365.co.uk/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://utilita.co.uk/terms
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.claimshelpdesk.co.uk/privacy-policy/
Title: https://www.claimshelpdesk.co.uk/privacy-policy/

Search URL Search Domain Scan URL

URL: https://www.gogroopie.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.discountexperts.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.homeimprovementquotes.co.uk/privacy-and-advertising-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.sky.com/help/articles/sky-privacy-and-cookies-notice
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://adviceglobal.com.mt/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.affilihub.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.clicklabsgroup.com/client-list
Title: partners

Search URL Search Domain Scan URL

URL: https://www.clicklabsgroup.com/privacy-policy-2
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.smartinsurance.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.webreathemedia.com/client-list
Title: partners

Search URL Search Domain Scan URL

URL: https://www.webreathemedia.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.hotmeetups.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.esbenergy.co.uk/privacy#heading1
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.mortgageadviceservices.co.uk/privacy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.advisorynetwork.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.globalappliancecare.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.mydealtracker.co.uk/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://homeshielddirect.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.diabetes.org.uk/privacy
Title: Privacy terms

Search URL Search Domain Scan URL

URL: http://www.evasonfildes.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.utilityswitching.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.o2.co.uk/termsandconditions/privacy-policy%20
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dignityfunerals.co.uk/privacy-policy/
Title: Privacy Terms

Search URL Search Domain Scan URL

URL: https://www.rituals.com/nl-nl/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://wowpage.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://getprotect.co.uk/privacy-and-cookies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bt.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.neptisuk.com/privacy-policy/
Title: https://www.neptisuk.com/privacy-policy/

Search URL Search Domain Scan URL

URL: http://healthierintermediaries.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://concordfuneralplan.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://permissionmedia.co.uk/privacy-policy/
Title: https://permissionmedia.co.uk/privacy-policy/

Search URL Search Domain Scan URL

URL: https://bulb.co.uk/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://lapapp-international.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.shellenergy.co.uk/info/policies/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://octopus.energy/policies/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.jobgrabba.com/tandc
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.outspot.be/nl/privacybeleid
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.esbenergy.co.uk/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://hasslefreeboilers.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.moneyresults.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://sptwo.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.miranda-clairvoyant.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://veriform.digital/privacy-policy-2/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.v4telecom.co.uk/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://pinnaclelife.co.uk/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.yourlifemadeeeasy.today/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://audienceserv.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.amazon.nl/gp/help/customer/display.html?ie=UTF8&nodeId=201909010&ref_=footer_privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.smartinsurance.co.uk/privacy-policy-cookies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dissolvedebt.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.digitaldatadock.com/click?pid=14&offer_id=1291&sub1=yhn5grqaor3brwci30qC286576304 HTTP 302
https://click.trlxcf02.com/click/WoOsEyasjWWuGl9ZFg?affid=102449&c1=5e8e1f69ad315e00012f87e2&c3=14_&c6={DOMAINNAME}&c7={FBPIXEL} HTTP 302
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b Page URL
https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://echo3.bluehornet.com/ct/54838435:W1zI2OvEN:m:1:2181078060:C3794C336A0742C9B000000370830B5C:r HTTP 302
https://affiliate.across.it/v2/click/yhn5grqaor3brwci30q

Request Chain 1

https://track.digitaldatadock.com/click?pid=14&offer_id=1291&sub1=yhn5grqaor3brwci30qC286576304 HTTP 302
https://click.trlxcf02.com/click/WoOsEyasjWWuGl9ZFg?affid=102449&c1=5e8e1f69ad315e00012f87e2&c3=14_&c6={DOMAINNAME}&c7={FBPIXEL} HTTP 302
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b

Request Chain 23

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js HTTP 301
https://ehawk.net/talon-cdn/EHawkTalon.js

Request Chain 37

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=705060423&t=pageview&_s=1&dl=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b&ul=en-us&de=UTF-8&dt=Win&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAUADQ~&jid=1224583906&gjid=338850480&cid=727769558.1586372459&tid=UA-129693020-1&_gid=571968761.1586372459&_r=1&gtm=2ou432&z=349452033 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=727769558.1586372459&jid=1224583906&_gid=571968761.1586372459&gjid=338850480&_v=j81&z=349452033

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set yhn5grqaor3brwci30q
affiliate.across.it/v2/click/
Redirect Chain

http://echo3.bluehornet.com/ct/54838435:W1zI2OvEN:m:1:2181078060:C3794C336A0742C9B000000370830B5C:r
https://affiliate.across.it/v2/click/yhn5grqaor3brwci30q

0
918 B

386ms
83ms

Document
text/html

178.255.74.102
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.across.it/v2/click/yhn5grqaor3brwci30q
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 178.255.74.102 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS: oleggiocastello.espotter.net
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 / PHP/5.4.13
Resource Hash

Request headers

Host: affiliate.across.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 08 Apr 2020 19:00:57 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Set-Cookie: tr[yhn5grqaor3brwci30q]=1; expires=Wed, 08-Apr-2020 20:00:57 GMT; path=/; samesite=None; secure track[5153]=yhn5grqaor3brwci30qC286576304; expires=Thu, 09-Apr-2020 19:00:57 GMT; path=/; samesite=None; secure track[0]=yhn5grqaor3brwci30qC286576304; expires=Thu, 09-Apr-2020 19:00:57 GMT; path=/; samesite=None; secure
P3P: policyref="https://affiliate.across.it/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR NOR UNI COM NAV INT";
Refresh: 0; URL=https://track.digitaldatadock.com/click?pid=14&offer_id=1291&sub1=yhn5grqaor3brwci30qC286576304
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 20
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Wed, 08 Apr 2020 19:00:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 187
Connection: keep-alive
Set-Cookie: AWSALB=WkYtzDLUKaQL+EEaye5hnFAFCEbhLS/a13CB6PmtjYxlc5O5+5iZ1HJUmrkbv/RMTjsdjW6O1yKjImPuiDpNQw6R4paEglZWRe21vii1riG+tptqUWnC8881l+rS; Expires=Wed, 15 Apr 2020 19:00:56 GMT; Path=/ AWSALBCORS=WkYtzDLUKaQL+EEaye5hnFAFCEbhLS/a13CB6PmtjYxlc5O5+5iZ1HJUmrkbv/RMTjsdjW6O1yKjImPuiDpNQw6R4paEglZWRe21vii1riG+tptqUWnC8881l+rS; Expires=Wed, 15 Apr 2020 19:00:56 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Pragma: no-cache
Location: https://affiliate.across.it/v2/click/yhn5grqaor3brwci30q
Content-Encoding: gzip

GET
H2

200

d.php Show response
click.trlxcf02.com/main/
Redirect Chain

https://track.digitaldatadock.com/click?pid=14&offer_id=1291&sub1=yhn5grqaor3brwci30qC286576304
https://click.trlxcf02.com/click/WoOsEyasjWWuGl9ZFg?affid=102449&c1=5e8e1f69ad315e00012f87e2&c3=14_&c6={DOMAINNAME}&c7={FBPIXEL}
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME...

260 B
555 B

369ms
369ms

Document
text/html

2606:4700:3031::681f:5f75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681f:5f75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53aa8de7e538503c9506d9a379f0bf0e94c1a3aedb3fad63bc204b5725333fd6

Request headers

:method: GET
:authority: click.trlxcf02.com
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://affiliate.across.it/v2/click/yhn5grqaor3brwci30q
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d7b28b5a3238e3cf53ad01b5df2edcd4f1586372457; AWSALB=RtwkcqOtwNn7b47sbbuUu56LV8u1vqjdh98YTJ2PaShE7HiCds+ixY/agNdbv5DcYZiiZjt6sci3wK9kyzpLSz+XcrMSJz1TKpjlUZ3rGyGjixbBrUtezxE+sUuD; AWSALBCORS=RtwkcqOtwNn7b47sbbuUu56LV8u1vqjdh98YTJ2PaShE7HiCds+ixY/agNdbv5DcYZiiZjt6sci3wK9kyzpLSz+XcrMSJz1TKpjlUZ3rGyGjixbBrUtezxE+sUuD; XSRF-TOKEN=eyJpdiI6Im1SWkZpRzJ6eUp3NUdLTnJtQU1QOEE9PSIsInZhbHVlIjoibkRHMEoxMUt6TWpUTXpKVzBUV2VWck02NWZpT0dHcE52dlwvMzBcL09DbytUenl3WWlGNmUwNVpPT2E3SVM4WVYzM0Q1cFhxaytqTkFkMmVlaGlDa002UT09IiwibWFjIjoiMTgzNzc2MTRlYTlmZjQ2MGYzYjk5NmZlYzhlOTk5OGM2ZDc5OGM0NDg2YzEzNDZjNzg1OTAxZjM1NzI0MDY4MyJ9; session=eyJpdiI6Imo3TStuM3p4NXQzVVpROGhBdnBHOWc9PSIsInZhbHVlIjoiRkJsM2RPUVlIK1lSODZ6eWRCbzJNNnNsWnlwQWd2UUVLUGxNNW9GRk5LQ1FTaExSZ09hNXlsWVI2dHJNSXFXc2FTRWNLWXB3aGJFUzlhanpkVWJMSXc9PSIsIm1hYyI6Ijc0MDQwMTJiYzk0MmRlNTZlYzZkNmZlOGI3ZDBiNmExMWRmZDkzZjI4NjIxOWRmMDU4YTBlYTMwYzllZjY4YTgifQ%3D%3D; ept2=eyJpdiI6IkpCcld0a3l3T0Q0aHVISzBpa1JRM0E9PSIsInZhbHVlIjoiSjkyaUl4YjVRUE05cklMbkc3OHNzZmdNMHFKRFlkN0ppV1VlblFzVERhQURvSU8wRk9pNUtkY1dwVE9RcTV0bEdcL20yaUw0T2g2K1dpWDh1bHFUOTB3MTFjUktEU3FcL09MelR3OVwvSnZ1c08raVVLUERxSElIQWU1RnFxVjZiUWVXNDFcLzVrS2NaQU5MRGpCd1Izd05VbVFCTkgwRHUwNUhIREtUc1wvdFhpUm5qbjZaVitLU052NktLTzBER1lqYjMiLCJtYWMiOiI5N2FjOTM0YjFkMDcxYmY1NjFhNDQ0OWRjZGQ5MTFhMjkwMzJhY2I3OGNkNTE5ZTQ1M2UyMTBmZDQzOWUzM2NmIn0%3D; S7bkTR9oU9DyXyt7fuUZuxL3HpLUuc3W9U6mzOAq=eyJpdiI6IkFwUE5iRk9kbnBFU01RNVlkOFptUVE9PSIsInZhbHVlIjoicGRwTUVTZ2lvWFUrRmZGaG9RQzR3QXhieWJZRzRcL0tuYThUcTY3OUV3VlBkOUlPOUFVbUlmMU5ZQTdLNFpuMjJxVmR3NTZCWG9pMDNGb0pDV3VVVDJmZ000TnNBVkNzNlFqR2NJeUlpaHpSMkJ1Tkh6dlY2dDl4THhXZlkraEhJTFdYREd2MnJ4TzBhSkc0NEhUOXJlZ2FWVnlIT011WEVGS0ljK25SSlJFQ3RwVmd2blwvNUdMN3NqSVc5ck5KWnVnbjNsdmd0ZVVxNjJsZzQwdjRiR003azBIS0RwanBsWlpieWh1dEd1OFZiTXd1bW5XRnk3NVNuaW9hWnVCYjE5VWViVTdNXC9Yb0x5VG5PdGpJandOZ2tsa0ZpRzJnTVNJVWRQTlNQa1BqTjhTWEgwZ0ZzcmVWXC9uVHVOaXlVb0VGWVpueWtWb0xZUlFqVjdVOStCOGxDaklRclhrcEc2bmNRMENGRXViRDVibGRhYkdrZlNEdU03aXVTdU5telgyanFWaDRHcTBLMVRMS1wvbnlnbEZiR3J0STh3UnpETFNGa3BNWDQyZmY0OXNxWVVBZHdza21tRm1aWjY2SGQ4RGxMZk9wWTBcL1wvVTJKV1F1QnBBN1FRdlhEbkZHZ3FEWmJcL29aOE1ZQlV3OEhRT3M5ZHJIMGtZT3Y0V0d3VlRUOEpXR2xpUit1YmZtb3ZUWld5ZmRsT2h5RjRsTEFMXC9XeGFXQVFLbFBNM0w4TWtraGlzejJUa1wvQW10bWJ1S1A2aWtmRTVtQ0VKeEplMGgzMVVZOXRBSG5ycis2cGtPMDNcL2o1TFhoZzZMOUtIalBHOGdvb1BxcFhZT1U2VHJaSW1XOStEb3RlNERqcjRYanF4XC9LM3FtbHJhWVQ0aktzSnQrTWgydkF6YmdjN1B3R2VkaU5nMVhBbkFEXC9wWUdqZEQ3d2NpIiwibWFjIjoiMzE2NjYyMWVmYzhlYzIwZTg4NTdlYWZlMjgyOTVlYzhlMzAxZDNiYTg0ZjBjZmJhY2I1Y2ZlN2NjNDQzZWExMiJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://affiliate.across.it/v2/click/yhn5grqaor3brwci30q

Response headers

status: 200
date: Wed, 08 Apr 2020 19:00:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=xNFN8WQWIZ+R42aYSCpvS0dSu37P2m6Db1aOOCEIxBnrvekB3wGJUzBg2ISGxbFv/K9rKQI4+q9Sdeg4uYIdqOqgst/PsSHOhjPO245g1MsAcBN9N6LnY3QOVIdf; Expires=Wed, 15 Apr 2020 19:00:58 GMT; Path=/ AWSALBCORS=xNFN8WQWIZ+R42aYSCpvS0dSu37P2m6Db1aOOCEIxBnrvekB3wGJUzBg2ISGxbFv/K9rKQI4+q9Sdeg4uYIdqOqgst/PsSHOhjPO245g1MsAcBN9N6LnY3QOVIdf; Expires=Wed, 15 Apr 2020 19:00:58 GMT; Path=/; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 580e3bf7ac7cc2e5-FRA
content-encoding: br

Redirect headers

status: 302
date: Wed, 08 Apr 2020 19:00:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7b28b5a3238e3cf53ad01b5df2edcd4f1586372457; expires=Fri, 08-May-20 19:00:57 GMT; path=/; domain=.trlxcf02.com; HttpOnly; SameSite=Lax AWSALB=RtwkcqOtwNn7b47sbbuUu56LV8u1vqjdh98YTJ2PaShE7HiCds+ixY/agNdbv5DcYZiiZjt6sci3wK9kyzpLSz+XcrMSJz1TKpjlUZ3rGyGjixbBrUtezxE+sUuD; Expires=Wed, 15 Apr 2020 19:00:57 GMT; Path=/ AWSALBCORS=RtwkcqOtwNn7b47sbbuUu56LV8u1vqjdh98YTJ2PaShE7HiCds+ixY/agNdbv5DcYZiiZjt6sci3wK9kyzpLSz+XcrMSJz1TKpjlUZ3rGyGjixbBrUtezxE+sUuD; Expires=Wed, 15 Apr 2020 19:00:57 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6Im1SWkZpRzJ6eUp3NUdLTnJtQU1QOEE9PSIsInZhbHVlIjoibkRHMEoxMUt6TWpUTXpKVzBUV2VWck02NWZpT0dHcE52dlwvMzBcL09DbytUenl3WWlGNmUwNVpPT2E3SVM4WVYzM0Q1cFhxaytqTkFkMmVlaGlDa002UT09IiwibWFjIjoiMTgzNzc2MTRlYTlmZjQ2MGYzYjk5NmZlYzhlOTk5OGM2ZDc5OGM0NDg2YzEzNDZjNzg1OTAxZjM1NzI0MDY4MyJ9; expires=Wed, 08-Apr-2020 21:00:58 GMT; Max-Age=7200; path=/ session=eyJpdiI6Imo3TStuM3p4NXQzVVpROGhBdnBHOWc9PSIsInZhbHVlIjoiRkJsM2RPUVlIK1lSODZ6eWRCbzJNNnNsWnlwQWd2UUVLUGxNNW9GRk5LQ1FTaExSZ09hNXlsWVI2dHJNSXFXc2FTRWNLWXB3aGJFUzlhanpkVWJMSXc9PSIsIm1hYyI6Ijc0MDQwMTJiYzk0MmRlNTZlYzZkNmZlOGI3ZDBiNmExMWRmZDkzZjI4NjIxOWRmMDU4YTBlYTMwYzllZjY4YTgifQ%3D%3D; expires=Wed, 08-Apr-2020 21:00:58 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6IkpCcld0a3l3T0Q0aHVISzBpa1JRM0E9PSIsInZhbHVlIjoiSjkyaUl4YjVRUE05cklMbkc3OHNzZmdNMHFKRFlkN0ppV1VlblFzVERhQURvSU8wRk9pNUtkY1dwVE9RcTV0bEdcL20yaUw0T2g2K1dpWDh1bHFUOTB3MTFjUktEU3FcL09MelR3OVwvSnZ1c08raVVLUERxSElIQWU1RnFxVjZiUWVXNDFcLzVrS2NaQU5MRGpCd1Izd05VbVFCTkgwRHUwNUhIREtUc1wvdFhpUm5qbjZaVitLU052NktLTzBER1lqYjMiLCJtYWMiOiI5N2FjOTM0YjFkMDcxYmY1NjFhNDQ0OWRjZGQ5MTFhMjkwMzJhY2I3OGNkNTE5ZTQ1M2UyMTBmZDQzOWUzM2NmIn0%3D; expires=Thu, 09-Apr-2020 19:00:58 GMT; Max-Age=86400; path=/; HttpOnly S7bkTR9oU9DyXyt7fuUZuxL3HpLUuc3W9U6mzOAq=eyJpdiI6IkFwUE5iRk9kbnBFU01RNVlkOFptUVE9PSIsInZhbHVlIjoicGRwTUVTZ2lvWFUrRmZGaG9RQzR3QXhieWJZRzRcL0tuYThUcTY3OUV3VlBkOUlPOUFVbUlmMU5ZQTdLNFpuMjJxVmR3NTZCWG9pMDNGb0pDV3VVVDJmZ000TnNBVkNzNlFqR2NJeUlpaHpSMkJ1Tkh6dlY2dDl4THhXZlkraEhJTFdYREd2MnJ4TzBhSkc0NEhUOXJlZ2FWVnlIT011WEVGS0ljK25SSlJFQ3RwVmd2blwvNUdMN3NqSVc5ck5KWnVnbjNsdmd0ZVVxNjJsZzQwdjRiR003azBIS0RwanBsWlpieWh1dEd1OFZiTXd1bW5XRnk3NVNuaW9hWnVCYjE5VWViVTdNXC9Yb0x5VG5PdGpJandOZ2tsa0ZpRzJnTVNJVWRQTlNQa1BqTjhTWEgwZ0ZzcmVWXC9uVHVOaXlVb0VGWVpueWtWb0xZUlFqVjdVOStCOGxDaklRclhrcEc2bmNRMENGRXViRDVibGRhYkdrZlNEdU03aXVTdU5telgyanFWaDRHcTBLMVRMS1wvbnlnbEZiR3J0STh3UnpETFNGa3BNWDQyZmY0OXNxWVVBZHdza21tRm1aWjY2SGQ4RGxMZk9wWTBcL1wvVTJKV1F1QnBBN1FRdlhEbkZHZ3FEWmJcL29aOE1ZQlV3OEhRT3M5ZHJIMGtZT3Y0V0d3VlRUOEpXR2xpUit1YmZtb3ZUWld5ZmRsT2h5RjRsTEFMXC9XeGFXQVFLbFBNM0w4TWtraGlzejJUa1wvQW10bWJ1S1A2aWtmRTVtQ0VKeEplMGgzMVVZOXRBSG5ycis2cGtPMDNcL2o1TFhoZzZMOUtIalBHOGdvb1BxcFhZT1U2VHJaSW1XOStEb3RlNERqcjRYanF4XC9LM3FtbHJhWVQ0aktzSnQrTWgydkF6YmdjN1B3R2VkaU5nMVhBbkFEXC9wWUdqZEQ3d2NpIiwibWFjIjoiMzE2NjYyMWVmYzhlYzIwZTg4NTdlYWZlMjgyOTVlYzhlMzAxZDNiYTg0ZjBjZmJhY2I1Y2ZlN2NjNDQzZWExMiJ9; expires=Wed, 08-Apr-2020 21:00:58 GMT; Max-Age=7200; path=/; HttpOnly
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 580e3bf45c1ec2e5-FRA

GET
H/1.1 200
OK Primary Request Cookie set knde-uk-z Show response
claimthisnow.net/ 109 KB
22 KB 143ms
63ms Document
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: c856d9b929ab519e41986c82488a69a6cb7ca36a5a334843b4badcaecb369997

Request headers

Host: claimthisnow.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Server: Apache/2.4.25 (Debian)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjhLVlBaakQ0ZmQ1R1RzY1BKZ3pURnc9PSIsInZhbHVlIjoiNGc5VnBUWFVcL2VoaWpBZGdCdlNIUHUrXC9oOXBPWUFoVWw4TThjOVwvc2E4OWdXOGZmcnBKVzV6RzN3eFwvc01aSE8iLCJtYWMiOiI3OTEwYjc0MWJkZmQxYjEzYjk0NjYxNmU0ODZlYWFlY2ExNjFkNGFlY2MwYTZkM2ZlYjU1NTJmYjAzODFiZGRlIn0%3D; expires=Wed, 08-Apr-2020 20:00:58 GMT; Max-Age=3600; path=/ cors_session=eyJpdiI6Ik15RUtYYTZpUzlCRmlDUmJEaEtkaEE9PSIsInZhbHVlIjoiSUxqY0NIM0JsaEJydHZwUnFGSitiV0oxc3RkenBYKzZQZkl4ZjFoNWx2NHIrNElFNVlVampOd3pwTzN5U29KNyIsIm1hYyI6Ijk3MzY2MjU1ZjE1M2IzZGM1NWIwMzQxNThjMTFiYTMzMjlkYTJhMmJiNWY2MDVkYWRhZGE0MThmZDM4YmVlMGMifQ%3D%3D; expires=Wed, 08-Apr-2020 20:00:58 GMT; Max-Age=3600; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21811
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 9ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 19:00:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin: *
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 10ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 19:00:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK main.min.css
claimthisnow.net/styles/ 6 KB
2 KB 42ms
37ms Stylesheet
text/css 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/styles/main.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 5a1b3a32f5ff5dbd9354931f336875df09f8f8cfdb5f403075ec6b13aa236db2

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Apr 2020 15:22:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "1894-5a2c9101cc380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1263

GET
H/1.1 200
OK main.min.css
claimthisnow.net/templates/template-z/v2-newform/styles/ 46 KB
8 KB 71ms
28ms Stylesheet
text/css 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/templates/template-z/v2-newform/styles/main.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: d5d58b965184ef12db48788238a6b8e78101d30ad979199914496a8cde52d8f1

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Mar 2020 12:55:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "b7c9-5a093bf4a7a53-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7777

GET
H/1.1 200
OK campaign.min.css
claimthisnow.net/campaigns/1158/styles/ 40 KB
7 KB 92ms
27ms Stylesheet
text/css 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/campaigns/1158/styles/campaign.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: e83ecc2baf4e8485f34a8680a73b44564208a08749a5007920a4120972146676

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "9f7e-5a1ae26529245-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6803

GET
H/1.1 200
OK select2.min.css
claimthisnow.net/vendor/select2/ 15 KB
2 KB 90ms
25ms Stylesheet
text/css 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/vendor/select2/select2.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Apr 2020 15:25:15 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3a76-5a2c91b68bf44-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1998

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 37ms
19ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 19:00:58 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 579
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 580e3bfb1899d6d1-FRA
expires: Thu, 09 Apr 2020 07:00:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129693020-1

Requested by

Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c869f67f84ff29765cc02367c1ca80f068e8b585ddd0d4c5f9e6a6feb5c6cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 19:00:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30182
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Apr 2020 19:00:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1010 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5d681cddf15ddedbddbc582086f06bb1269b2bce6cb965b47ae7ef4818d1b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 19:00:58 GMT
server: ESF
date: Wed, 08 Apr 2020 19:00:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Apr 2020 19:00:58 GMT

GET
H/1.1 200
OK main.min.css
claimthisnow.net/survey/lf2/ 23 KB
5 KB 89ms
26ms Stylesheet
text/css 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/survey/lf2/main.min.css
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 31949f565ff2526195e3a6d2031238075fc32c9ac6c24af27a2e9d1d678723e1

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Apr 2020 15:22:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "5c52-5a2c9101cc380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4894

GET
H/1.1 200
OK gratis-badge.png
claimthisnow.net/campaigns/1158/images/ 3 KB
4 KB 38ms
26ms Image
image/png 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/gratis-badge.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 9c38008b99546d93f5a2ed815ee8158f580821b19e1a94630b3a530c78e8f669

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "d70-5a1ae265224e5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3440

GET
H/1.1 200
OK splash-image.png
claimthisnow.net/campaigns/1158/images/ 409 KB
409 KB 27ms
27ms Image
image/png 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/splash-image.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 76a6545a4c1766a6eb28aecd17d0c1e571bf400540fe9a83c5cf4b15cfb206ed

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "662ee-5a1ae26526365"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 418542

GET
H/1.1 200
OK flamingo.png
claimthisnow.net/campaigns/1158/images/ 3 KB
3 KB 26ms
24ms Image
image/png 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/flamingo.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: e3084512b686a54db7a1800bb0caf77485d2fa301ade65e4faa4a12ad588b5bc

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "c02-5a1ae265224e5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3074

GET
H/1.1 200
OK banner-mobile.jpg
claimthisnow.net/campaigns/1158/images/ 34 KB
34 KB 27ms
26ms Image
image/jpeg 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/banner-mobile.jpg
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 91223e979fc05fa4e126effcd7764fe1fc81ea8f505c49f94711a5bac63cf4a1

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "8863-5a1ae265205a5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34915

GET
H/1.1 200
OK loader.gif
claimthisnow.net/campaigns/1158/images/ 2 KB
3 KB 26ms
25ms Image
image/gif 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/loader.gif
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: d993e0b503ac0ef0b972c335de328bba66ad8a33e34dcf8b5bd7b622ba181ef7

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "9f1-5a1ae265253c5"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2545

GET
H/1.1 404
Not Found loader2.gif
claimthisnow.net/campaigns/1158/images/ 1 KB
1 KB 34ms
33ms Image
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/loader2.gif
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found post-image.png
claimthisnow.net/campaigns/1158/images/ 1 KB
1 KB 37ms
36ms Image
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/post-image.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found thankyou-image.png
claimthisnow.net/campaigns/1158/images/ 1 KB
1 KB 36ms
35ms Image
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/thankyou-image.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 22ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Origin: https://claimthisnow.net
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1586372458.dop162.fr8.shc,1586372458.dop162.fr8.t,1586372458.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 7ms
7ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Origin: https://claimthisnow.net
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 19:00:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H/1.1 200
OK app.js Show response
claimthisnow.net/js/ 737 KB
184 KB 34ms
33ms Script
application/javascript 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/js/app.js
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: fe23498afabe71f36a57aed6a492bac889203539e36281c0e1a6fbbbb81a0ef4

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Apr 2020 15:25:15 GMT
Server: Apache/2.4.25 (Debian)
ETag: "b858c-5a2c91b663ea3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1

200
OK

EHawkTalon.js Show response
ehawk.net/talon-cdn/
Redirect Chain

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js
https://ehawk.net/talon-cdn/EHawkTalon.js

43 KB
14 KB

192ms
34ms

Script
text/javascript

94.228.142.45
PROLOCATION Trans...

General

Check archive.org

Show headers Download Go to

Full URL

https://ehawk.net/talon-cdn/EHawkTalon.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.228.142.45 , Netherlands, ASN41887 (PROLOCATION Transit policy pref 100, NL),

Reverse DNS

Software

Apache /

Resource Hash

1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, ALLOW-FROM https://www.ehawk.net/

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Sep 2017 11:06:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, ALLOW-FROM https://www.ehawk.net/
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=290304000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 13571

Redirect headers

date: Wed, 08 Apr 2020 01:55:07 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server: Apache
age: 61551
location: https://ehawk.net/talon-cdn/EHawkTalon.js
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/html; charset=iso-8859-1
status: 301
x-amz-cf-pop: FRA50-C1
content-length: 314
x-amz-cf-id: HrJg2Ay4J-ib1E3Feh8mzCFlCUfhoCJg161W3a9mLxaig-QXsF5DHA==

GET
H/1.1 200
OK script.min.js Show response
claimthisnow.net/templates/template-z/v2-newform/scripts/ 9 KB
3 KB 30ms
29ms Script
application/javascript 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/templates/template-z/v2-newform/scripts/script.min.js
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2520e2321ec1f035e3294ac38035515100c3874ce8e55613cb1c3234d971188d

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Mar 2020 12:55:13 GMT
Server: Apache/2.4.25 (Debian)
ETag: "250c-5a093bf4a5b13-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2564

GET
H/1.1 200
OK script.min.js Show response
claimthisnow.net/campaigns/1158/scripts/ 32 B
327 B 30ms
29ms Script
application/javascript 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/campaigns/1158/scripts/script.min.js
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2216f74206505a528bf72e953d676abf439b0b9102c6c675fb02f556a97868ac

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "20-5a1ae265282a5"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 32

GET
H/1.1 200
OK background.jpg
claimthisnow.net/campaigns/1158/images/ 34 KB
35 KB 29ms
28ms Image
image/jpeg 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/background.jpg
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 584daec5da21e4d3b21048b340ecc4c4bc9211d684180c7a2db9286bc1fd141c

Request headers

Referer: https://claimthisnow.net/campaigns/1158/styles/campaign.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 25 Mar 2020 13:50:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "892c-5a1ae2651f605"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 35116

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500,700
Origin: https://claimthisnow.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 09:56:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 378259
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Sun, 04 Apr 2021 09:56:39 GMT

GET
H/1.1 200
OK Gotham-Thin.woff2
claimthisnow.net/fonts/Gotham-Thin/ 14 KB
14 KB 31ms
28ms Font
application/octet-stream 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://claimthisnow.net/fonts/Gotham-Thin/Gotham-Thin.woff2
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 345f92e2823ba8e848d4ac6c0b1f989cf2a366c4a4a61115ce5fb46998e6465d

Request headers

Referer: https://claimthisnow.net/campaigns/1158/styles/campaign.min.css
Origin: https://claimthisnow.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 08 Apr 2020 19:00:58 GMT
Last-Modified: Wed, 08 Apr 2020 15:22:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "379c-5a2c9101cc380"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 14236

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500,700
Origin: https://claimthisnow.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 12:00:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 370840
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sun, 04 Apr 2021 12:00:18 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500,700
Origin: https://claimthisnow.net
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1015567
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:54:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129693020-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1343
date: Wed, 08 Apr 2020 18:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 08 Apr 2020 20:38:35 GMT

GET
H/1.1 200
OK tr_knde_uk_pl Show response
bevestignu.net/en_uk/ 138 KB
28 KB 205ms
122ms XHR
text/html 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://bevestignu.net/en_uk/tr_knde_uk_pl?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b

Requested by

Host: claimthisnow.net
URL: https://claimthisnow.net/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

d1a5edfcf2a567344e38b1933d5605ef03c7a405854df16d5ba8d8460a549003

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Origin: https://claimthisnow.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 08 Apr 2020 19:00:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://claimthisnow.net
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 404
Not Found loader2.gif
claimthisnow.net/campaigns/1158/images/ 1 KB
1 KB 36ms
35ms Image
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/loader2.gif
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:59 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found post-image.png
claimthisnow.net/campaigns/1158/images/ 1 KB
1 KB 41ms
40ms Image
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/post-image.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:59 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found thankyou-image.png
claimthisnow.net/campaigns/1158/images/ 1 KB
1 KB 41ms
40ms Image
text/html 185.128.34.116
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimthisnow.net/campaigns/1158/images/thankyou-image.png
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:59 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.25 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KT9575B&t=gtag_UA_129693020_1&cid=727769558.1586372459

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

922ac9d76de55b01851773ecead30e040c85b8945e42ac4281190cbee4ca8808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 19:00:59 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Apr 2020 19:00:59 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=705060423&t=pageview&_s=1&dl=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=727769558.1586372459&jid=1224583906&_gid=571968761.1586372459&gjid=338850480&_v=j81&z=349452033

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=727769558.1586372459&jid=1224583906&_gid=571968761.1586372459&gjid=338850480&_v=j81&z=349452033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 08 Apr 2020 19:00:59 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Apr 2020 19:00:59 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=727769558.1586372459&jid=1224583906&_gid=571968761.1586372459&gjid=338850480&_v=j81&z=349452033
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 7ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=705060423&t=event&_s=2&dl=https%3A%2F%2Fclaimthisnow.net%2Fknde-uk-z%3Fclickid%3Dqv3kCEM8sW-5e8e1f6983037303254fc8d7%26networkid%3D102449%26publisher%3D14_%26c6%3D%7BDOMAINNAME%7D%26c7%3D%7BFBPIXEL%7D%26ept2%3Dfff92b09-bcfb-43d6-a7d1-bdb3c3183d1b&ul=en-us&de=UTF-8&dt=Win&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=knde-uk-z-102449-14_&ea=01.%20home&el=NONE&ev=0&_u=KGBAAUADQ~&jid=&gjid=&cid=727769558.1586372459&tid=UA-129693020-1&_gid=571968761.1586372459&gtm=2ou432&z=104600233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 05:50:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6700243
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 72 B
722 B 608ms
216ms Script
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&callback=app.addScoreCORS&cb=0.8676090337997997&pid=1000432&&tid=102449&l1=UK&l2=14_&l3=tr_knde_uk_pl&pub_domain=bevestignu.net
Requested by: Host: claimthisnow.net
URL: https://claimthisnow.net/js/app.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 259a6d64e5f44bb544c9847fedc590d38936a34abb5c243f01607c4e3b3acdfe

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Wed, 08 Apr 2020 19:01:00 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 72

GET
H/1.1 200
OK sponsor Show response
bevestignu.net/ 68 KB
14 KB 43ms
42ms XHR
application/json 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://bevestignu.net/sponsor?externalId=qv3kCEM8sW-5e8e1f6983037303254fc8d7

Requested by

Host: claimthisnow.net
URL: https://claimthisnow.net/js/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

041dd9730236b8db804780cf8621c306e15a1961fd08da7f89ed39d87e02bb27

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
Origin: https://claimthisnow.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 08 Apr 2020 19:00:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://claimthisnow.net
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK placeholder.png
bevestignu.net/images/ 30 KB
30 KB 78ms
28ms Image
image/png 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bevestignu.net/images/placeholder.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

93453aeb09ee83e223ec77a93aab60cbcf79be3436401817b49bf11093e6adc1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 08 Apr 2020 19:00:59 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Apr 2020 15:57:11 GMT
Server: nginx
ETag: "5e8df457-762f"
Content-Type: image/png
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30255
X-XSS-Protection: 1; mode=block

GET
H2 200 5e67a8516498a.png
cdn.cloudcnt.com/content/image/ 1 KB
2 KB 40ms
9ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e67a8516498a.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3b8c9576493bcb090146a6391dda7f1c8659eddf34c1e9d667e366d783f52fd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 07 Apr 2020 05:36:54 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 134645
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 3eDvJkwzGW-QoM02Vvij_29-t4uLlf9P72pglbYI74WoRvYDMrx9_g==
x-content-type-options: nosniff

GET
H2 200 5b753b0f22993.jpg
cdn.cloudcnt.com/content/image/ 11 KB
12 KB 40ms
8ms Image
image/jpeg 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b753b0f22993.jpg?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 08:17:53 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 211386
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Z9qJ0ebmlJeoC-3xvMPsVoYysZE-9YOMFiasESIlVRueoQwSa1kB7w==
x-content-type-options: nosniff

GET
H2 200 5c1cbc6169c1f.png
cdn.cloudcnt.com/content/image/ 7 KB
7 KB 41ms
10ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c1cbc6169c1f.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

630f3cd80211d3dd7575ee4500e170b077ddacdd440af0da39dbdcbe85af9f0b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 05:34:51 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 221168
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: -tSG81l0iK9qsVqWePj0Js1kGxmdzcq4KKhoTQWNefQnFfRON8AdzQ==
x-content-type-options: nosniff

GET
H2 200 5c1cfaf6a3c67.png
cdn.cloudcnt.com/content/image/ 4 KB
5 KB 42ms
11ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c1cfaf6a3c67.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

49e4e7782e3a46ee2e442b0681853fe92b616e1ae0edb22c94457a61ee79758e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 05:34:51 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 221168
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5nDDDyY5wjwVaDv5UacPKkLtT0eem-o-Lmi8b5_raPvIIGbwxUnlLA==
x-content-type-options: nosniff

GET
H2 200 5cfa722f14649.png
cdn.cloudcnt.com/content/image/ 3 KB
4 KB 44ms
13ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5cfa722f14649.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

08178447736c8e93a252fe8745cbb92710560f71f96650ad1b3cf419e150fbbb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 02:33:36 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 232043
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: vnOUapG8Pfm9atlbwvLoFXtUZ467VpIWizDrGIajRaBTKKc2mJTbXw==
x-content-type-options: nosniff

GET
H2 200 5d8dd415ec4fa.png
cdn.cloudcnt.com/content/image/ 8 KB
8 KB 44ms
13ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d8dd415ec4fa.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

99d3be01a1d5d9ce3a4cabd6ff3879143d94c31d88d7c05bb9ab5b799979822d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 08:17:53 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 211386
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WOlyHBmXVHjDnbt6e9-Pyaq2lSiQladkbDiNkns5AS5A8XmVkZhsdQ==
x-content-type-options: nosniff

GET
H2 200 5e72313fbbf91.png
cdn.cloudcnt.com/content/image/ 9 KB
9 KB 10ms
8ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e72313fbbf91.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

057d22bd9a11c21251a565b8293aa68842e072ed7379538da4b50112b8391116

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 01:27:08 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 236031
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5uV8GEDIkBgDMcub1yaKkhK1xyWsbkPMLLp4hSFBTL_RuGJaiu6FTg==
x-content-type-options: nosniff

GET
H2 200 5e86f8ea60ce5.png
cdn.cloudcnt.com/content/image/ 21 KB
22 KB 11ms
9ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e86f8ea60ce5.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

748cc6d67767c97c1469e6b49f3e3e4c26be92b554b941b9e0036614f1dc0bed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 08:52:56 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 209283
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: NGAB2Iml00thzox4bSozEy6_RYydnlrWDUcfUMdQJEZLNxMmdz6TPA==
x-content-type-options: nosniff

GET
H2 200 5e7cc4e4418b1.jpg
cdn.cloudcnt.com/content/image/ 23 KB
23 KB 12ms
10ms Image
image/jpeg 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e7cc4e4418b1.jpg?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

40521211452ae6fdac18915d555968b54243fe4000de82c0572c6970d86379ff

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 15:35:28 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 12331
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: v5bD44Vume_rXSM0mPVzdVuNhuNY3XyG6QkmdCkIw_Lgu1w-QGdsRg==
x-content-type-options: nosniff

GET
H2 200 5e8492fb023ad.png
cdn.cloudcnt.com/content/image/ 17 KB
18 KB 11ms
9ms Image
image/png 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e8492fb023ad.png?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c27aa79f2088129bd70fc989c531d492b879c63246c9988d8923796ae6b709a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 07 Apr 2020 13:19:14 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 106905
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pTWs3mPVT1-bzbomaMHRyczN04VUA4uVraes4UmQ_IYEV7aySRyQ3w==
x-content-type-options: nosniff

GET
H2 200 5e8b0ccd58fc7.jpg
cdn.cloudcnt.com/content/image/ 5 KB
5 KB 11ms
10ms Image
image/jpeg 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e8b0ccd58fc7.jpg?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

13e23bb864a2d767a81b37d97d46d494b408486ede94699270101f3ce1757a2f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 11:04:46 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 201373
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gVFx7I3B5Cy8phLmGE5u2SWZUnFhMYbbdxIPOizhwJL_eFZFnVng1Q==
x-content-type-options: nosniff

GET
H2 200 5e8c6f981a739.jpg
cdn.cloudcnt.com/content/image/ 14 KB
14 KB 15ms
13ms Image
image/jpeg 2600:9000:20eb:7000:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e8c6f981a739.jpg?size=300

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:7000:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

67426378e2017f83e7fb24d1a8c97de17a7082e3e94a7bedfe7a76e3c54bdd33

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 07 Apr 2020 12:18:32 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 110547
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WKf3t8rSmjpbOXaEAy0ATqf7nALqecnRmhlQjpJ7_kVzvb18feZYkg==
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.claimthisnow.net/	1970-01-20 02:10:44	Name: _ga Value: GA1.2.727769558.1586372459
claimthisnow.net/	1970-01-19 08:39:36	Name: cors_session Value: eyJpdiI6Ik15RUtYYTZpUzlCRmlDUmJEaEtkaEE9PSIsInZhbHVlIjoiSUxqY0NIM0JsaEJydHZwUnFGSitiV0oxc3RkenBYKzZQZkl4ZjFoNWx2NHIrNElFNVlVampOd3pwTzN5U29KNyIsIm1hYyI6Ijk3MzY2MjU1ZjE1M2IzZGM1NWIwMzQxNThjMTFiYTMzMjlkYTJhMmJiNWY2MDVkYWRhZGE0MThmZDM4YmVlMGMifQ%3D%3D
.claimthisnow.net/	1970-01-19 08:39:32	Name: _gat_gtag_UA_129693020_1 Value: 1
.claimthisnow.net/	1970-01-19 08:40:58	Name: _gid Value: GA1.2.571968761.1586372459
claimthisnow.net/	1970-01-19 08:39:36	Name: XSRF-TOKEN Value: eyJpdiI6IjhLVlBaakQ0ZmQ1R1RzY1BKZ3pURnc9PSIsInZhbHVlIjoiNGc5VnBUWFVcL2VoaWpBZGdCdlNIUHUrXC9oOXBPWUFoVWw4TThjOVwvc2E4OWdXOGZmcnBKVzV6RzN3eFwvc01aSE8iLCJtYWMiOiI3OTEwYjc0MWJkZmQxYjEzYjk0NjYxNmU0ODZlYWFlY2ExNjFkNGFlY2MwYTZkM2ZlYjU1NTJmYjAzODFiZGRlIn0%3D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://claimthisnow.net/knde-uk-z?clickid=qv3kCEM8sW-5e8e1f6983037303254fc8d7&networkid=102449&publisher=14_&c6={DOMAINNAME}&c7={FBPIXEL}&ept2=fff92b09-bcfb-43d6-a7d1-bdb3c3183d1b(Line 90) Message: knde-uk-z-102449-14_
console-api	log	URL: https://claimthisnow.net/templates/template-z/v2-newform/scripts/script.min.js(Line 1) Message: Here should the template JS go
console-api	log	URL: https://claimthisnow.net/campaigns/1158/scripts/script.min.js(Line 1) Message: just a test line
console-api	log	URL: https://claimthisnow.net/js/app.js(Line 2) Message: https://bevestignu.net/en_uk/tr_knde_uk_pl
console-api	log	URL: https://claimthisnow.net/js/app.js(Line 2) Message: //bevestignu.net/,t,/
console-api	log	URL: https://claimthisnow.net/js/app.js(Line 2) Message: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.across.it
bevestignu.net
cdn.cloudcnt.com
cdn.onesignal.com
claimthisnow.net
click.trlxcf02.com
code.jquery.com
data.ad-score.com
djjcyqvteia9v.cloudfront.net
echo3.bluehornet.com
ehawk.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
track.digitaldatadock.com
www.google-analytics.com
www.googletagmanager.com
130.211.115.4
178.255.74.102
185.128.34.116
185.128.34.117
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
212.32.252.72
2600:9000:20eb:7000:b:413c:b700:93a1
2600:9000:2156:be00:2:7bf5:a0c0:21
2606:4700:3031::681f:5f75
2606:4700::6812:e234
2a00:1450:4001:800::2008
2a00:1450:4001:808::200a
2a00:1450:4001:817::200e
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9d
34.213.175.228
94.228.142.45
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
041dd9730236b8db804780cf8621c306e15a1961fd08da7f89ed39d87e02bb27
057d22bd9a11c21251a565b8293aa68842e072ed7379538da4b50112b8391116
08178447736c8e93a252fe8745cbb92710560f71f96650ad1b3cf419e150fbbb
13e23bb864a2d767a81b37d97d46d494b408486ede94699270101f3ce1757a2f
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f
2216f74206505a528bf72e953d676abf439b0b9102c6c675fb02f556a97868ac
2520e2321ec1f035e3294ac38035515100c3874ce8e55613cb1c3234d971188d
259a6d64e5f44bb544c9847fedc590d38936a34abb5c243f01607c4e3b3acdfe
2f00779d7a25ef918f4c7c9129c2e3f3a4bc48b552000196d552b93eaea2c79f
31949f565ff2526195e3a6d2031238075fc32c9ac6c24af27a2e9d1d678723e1
345f92e2823ba8e848d4ac6c0b1f989cf2a366c4a4a61115ce5fb46998e6465d
40521211452ae6fdac18915d555968b54243fe4000de82c0572c6970d86379ff
49e4e7782e3a46ee2e442b0681853fe92b616e1ae0edb22c94457a61ee79758e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53aa8de7e538503c9506d9a379f0bf0e94c1a3aedb3fad63bc204b5725333fd6
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b
584daec5da21e4d3b21048b340ecc4c4bc9211d684180c7a2db9286bc1fd141c
5a1b3a32f5ff5dbd9354931f336875df09f8f8cfdb5f403075ec6b13aa236db2
630f3cd80211d3dd7575ee4500e170b077ddacdd440af0da39dbdcbe85af9f0b
67426378e2017f83e7fb24d1a8c97de17a7082e3e94a7bedfe7a76e3c54bdd33
6c869f67f84ff29765cc02367c1ca80f068e8b585ddd0d4c5f9e6a6feb5c6cbb
748cc6d67767c97c1469e6b49f3e3e4c26be92b554b941b9e0036614f1dc0bed
76a6545a4c1766a6eb28aecd17d0c1e571bf400540fe9a83c5cf4b15cfb206ed
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91223e979fc05fa4e126effcd7764fe1fc81ea8f505c49f94711a5bac63cf4a1
922ac9d76de55b01851773ecead30e040c85b8945e42ac4281190cbee4ca8808
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93453aeb09ee83e223ec77a93aab60cbcf79be3436401817b49bf11093e6adc1
99d3be01a1d5d9ce3a4cabd6ff3879143d94c31d88d7c05bb9ab5b799979822d
9c38008b99546d93f5a2ed815ee8158f580821b19e1a94630b3a530c78e8f669
b5d681cddf15ddedbddbc582086f06bb1269b2bce6cb965b47ae7ef4818d1b36
c27aa79f2088129bd70fc989c531d492b879c63246c9988d8923796ae6b709a7
c856d9b929ab519e41986c82488a69a6cb7ca36a5a334843b4badcaecb369997
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d1a5edfcf2a567344e38b1933d5605ef03c7a405854df16d5ba8d8460a549003
d3b8c9576493bcb090146a6391dda7f1c8659eddf34c1e9d667e366d783f52fd
d5d58b965184ef12db48788238a6b8e78101d30ad979199914496a8cde52d8f1
d993e0b503ac0ef0b972c335de328bba66ad8a33e34dcf8b5bd7b622ba181ef7
e3084512b686a54db7a1800bb0caf77485d2fa301ade65e4faa4a12ad588b5bc
e83ecc2baf4e8485f34a8680a73b44564208a08749a5007920a4120972146676
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe23498afabe71f36a57aed6a492bac889203539e36281c0e1a6fbbbb81a0ef4

claimthisnow.net Open in urlscan Pro 185.128.34.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

63 %IPv6

18 Domains

18 Subdomains

16 IPs

5 Countries

1132 kBTransfer

2404 kBSize

5 Cookies

66 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

claimthisnow.net Open in urlscan Pro
185.128.34.116 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

63 %
IPv6

18
Domains

18
Subdomains

16
IPs

5
Countries

1132 kB
Transfer

2404 kB
Size

5
Cookies

55 HTTP transactions
0 data transactions