urlscan.io logo urlscan.io
SecurityTrails logo

claim.lovelycampaigns.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=af6baf81-49ab-4781-9a99-54bc4972b440&cdpnuid=6556034e-...
Effective URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8...
Submission: On January 17 via manual from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is claim.lovelycampaigns.com.
TLS certificate: Issued by E1 on December 20th 2023. Valid for: 3 months.
This is the only time claim.lovelycampaigns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 168.100.9.32 399629 (BLNWX)
1 1 162.0.224.56 22612 (NAMECHEAP...)
1 1 52.54.170.235 14618 (AMAZON-AES)
1 3 164.92.141.250 14061 (DIGITALOC...)
2 26 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a05:d014:58f... 16509 (AMAZON-02)
30 4
1    168.100.9.32 (Amsterdam, Netherlands)

ASN399629 (BLNWX, US)
jadetodunk.com
1    162.0.224.56 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server.zenopreneur.com
apdgog.com
1    52.54.170.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-170-235.compute-1.amazonaws.com
swpshdnmkt3.com
3    164.92.141.250 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
www.wegetallgold.top
www.trkflyingflaps.top
26    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
link.hellosixty.club
claim.lovelycampaigns.com
cdn1.liquifycdn.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a05:d014:58f:6202::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
galaxys21-netizens.netlify.app
Domain Requested by
21 cdn1.liquifycdn.com claim.lovelycampaigns.com
cdn1.liquifycdn.com
4 claim.lovelycampaigns.com 1 redirects claim.lovelycampaigns.com
3 cdnjs.cloudflare.com claim.lovelycampaigns.com
2 www.trkflyingflaps.top claim.lovelycampaigns.com
www.trkflyingflaps.top
1 galaxys21-netizens.netlify.app cdn1.liquifycdn.com
1 link.hellosixty.club 1 redirects
1 www.wegetallgold.top 1 redirects
1 swpshdnmkt3.com 1 redirects
1 apdgog.com 1 redirects
1 jadetodunk.com 1 redirects
30 10

This site contains no links.

Subject Issuer Validity Valid
lovelycampaigns.com
E1		 2023-12-20 -
2024-03-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
liquifycdn.com
GTS CA 1P5		 2023-11-28 -
2024-02-26		 3 months crt.sh
www.trkflyingflaps.top
R3		 2023-12-31 -
2024-03-30		 3 months crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Frame ID: A2A6D7705AEE91D69BDA37FD16071304
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Samsung Galaxy S23

Page URL History Show full URLs

  1. https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=af6baf81-49ab-4781-9a99-54bc4972b4... HTTP 303
    http://apdgog.com/click.php?key=9tlr13g782vq6nblobrj&suid=af6baf81-49ab-4781-9a99-54bc4972b440 HTTP 302
    https://swpshdnmkt3.com/?a=11192&c=152799&s1=&s2=c12021mwhb4u351e HTTP 302
    https://www.wegetallgold.top/6QFBWN/211L4S2/?sub1=697262356&sub2=11192&sub3= HTTP 302
    https://link.hellosixty.club/nl_NL/3oh9tTEkpkHS?oid=565&affid=127&first_name=&last_name=&address=&zip_cod... HTTP 302
    https://claim.lovelycampaigns.com/enter/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transac... HTTP 302
    https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_i... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

43 %
IPv6

10
Domains

10
Subdomains

4
IPs

3
Countries

9497 kB
Transfer

9802 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=af6baf81-49ab-4781-9a99-54bc4972b440&cdpnuid=6556034e-dc62-1de9-0064-a83cc886a0f3&clickid=1ba967875f534349b8e1e05919765b77&source=6119_2265 HTTP 303
    http://apdgog.com/click.php?key=9tlr13g782vq6nblobrj&suid=af6baf81-49ab-4781-9a99-54bc4972b440 HTTP 302
    https://swpshdnmkt3.com/?a=11192&c=152799&s1=&s2=c12021mwhb4u351e HTTP 302
    https://www.wegetallgold.top/6QFBWN/211L4S2/?sub1=697262356&sub2=11192&sub3= HTTP 302
    https://link.hellosixty.club/nl_NL/3oh9tTEkpkHS?oid=565&affid=127&first_name=&last_name=&address=&zip_code=&city=&phone_number=&email=&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192&sub3=&sub4=&sub5= HTTP 302
    https://claim.lovelycampaigns.com/enter/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192&sub3=&sub4=&sub5= HTTP 302
    https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 79c0bbe2c8dd0c340fd3626dbba6550562599337
claim.lovelycampaigns.com/
Redirect Chain
  • https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=af6baf81-49ab-4781-9a99-54bc4972b440&cdpnuid=6556034e-dc62-1de9-0064-a83cc886a0f3&clickid=1ba967875f534349b8e1e05919765b77&source=61...
  • http://apdgog.com/click.php?key=9tlr13g782vq6nblobrj&suid=af6baf81-49ab-4781-9a99-54bc4972b440
  • https://swpshdnmkt3.com/?a=11192&c=152799&s1=&s2=c12021mwhb4u351e
  • https://www.wegetallgold.top/6QFBWN/211L4S2/?sub1=697262356&sub2=11192&sub3=
  • https://link.hellosixty.club/nl_NL/3oh9tTEkpkHS?oid=565&affid=127&first_name=&last_name=&address=&zip_code=&city=&phone_number=&email=&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=69726...
  • https://claim.lovelycampaigns.com/enter/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192&sub3=&sub4=&sub5=
  • https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b49b20cdbad56c453c5d782fde1a3d33adad8f527c8c6bf5cf4e76b3bdd46a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8470cf164b950ae3-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 18:54:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A9ezKiBzLjXWllqog6h5fR7zA1eAoTaiomsQYHtBlpZsli5E83iRov8%2Fpv051eZf2eFmxP4Jo%2FT7lZtyp3%2BUuViRz5QmqwLT3QQEKsB1XA9jqalr%2FHweUnrDg3aQVQhzAuPIzu8MrGpNEb3H%2FQYOjLFZSyLEaq4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8470cf156a1a0ae3-AMS
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 18:54:49 GMT
location
https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg0p9jR44SgUv%2F3fYz%2Fbfiwu3SAN5b9%2F0UJXPFYDxJ1uefdg0FhCDtKwvk9%2FGzlunXcUIyZIuYr%2Fo0Y9YmjVQyY9VL4bCD82%2B6KU4uoZdetrT34Hu2Zf3fXdI4GrYyeuDifBJ5Cu%2Frgrp7cNUKGgAxmN8ZnRCwt1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://claim.lovelycampaigns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5843769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27990
last-modified
Fri, 26 Aug 2022 18:34:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63091225-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3TEw5OsEj%2BCWdWyBKqrwgqMtaPkIASiU0GU7voK4yY6KNBlf3%2FcNZ72Uq%2FV9LyFNtnLpeVvgKHqCGnabqyq4Roh3MeoPWXA9798wqSKyLOvDSIAAD6Ds6klt61cC%2FcvhqVqoRkJRgwXUCuYVq%2B9BYgX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8470cf179bb49034-FRA
expires
Mon, 06 Jan 2025 18:54:49 GMT
styles.css
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e928a26f8534ed090e7bd5763b0bf58debb58fb28aac9fc99775b54137eb6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6%2BKk2FeeEFTw0hXdEDBUur5t6LHNndPDtNmo7%2BqtwP8RCyoMYB6TJhXt9HOsFmw6KVv4okTf0uey42zgLWHb2wMhqjJ1JM2lT5uxNAXkDK2MXcMZ%2Bb0Zc3cMiUp%2BJi4mzbsRrlDz1sD8q6NPZ%2FWGipl"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
8470cf17cbec7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/jquery.min.js
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5766163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28035
last-modified
Wed, 08 Mar 2023 16:05:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6408b256-6d83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgthzajfe%2BUpFW2IvBQAsOsHCy%2Fwupqvw4x8Fonpc0qwlv5EPJWIiP6g5ZjEW4i2CQNk91ld4Q12aXmDMYXb1b69i7OLKiC8Ne%2BFJyiiQdKimGDvODMO1QwI516V2QUimOO9u1dh8EMxCQKGDkVc55uU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8470cf179d0b1cb5-FRA
expires
Mon, 06 Jan 2025 18:54:49 GMT
styles.css
claim.lovelycampaigns.com/assets/css/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.lovelycampaigns.com/assets/css/styles.css?id=ed8ac1c08d4d3f9d324296f3094c43d2
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5b8481febc886b3a96d81e477c3a09e5ca850c0f265d23c52baae54571fdd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 11:17:42 GMT
server
cloudflare
etag
W/"657c35d6-d5db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVOMEPoKlf2Bdy4Y885GTBywuh536uQ6pG1IzuVlmufqk1Rfij7RwJHtkvRVXsh%2FU00NvQK8%2FOeGF582ESg%2Foust3MhBl2nSRak%2BN8QoC%2BPBfl83VM9Gw9unfXbxf0qEucdp6C5OgUQKkB5BjRsUCPvYTRXViOfP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8470cf176e6f6f75-CDG
jquery-3.6.1.min.js
claim.lovelycampaigns.com/assets/js/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://claim.lovelycampaigns.com/assets/js/jquery-3.6.1.min.js
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 15 Dec 2023 11:17:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"657c35d6-15e40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vetqMTl3CCZqe2bGOl8Qts1%2FLYbNdp96T2AU5gsDkM2UxtHuu6IfA9ORK7q6iSIoEVP3a4YHumlpGSZZ%2B0Eafyi22R6gE0dHIfWH%2FbBwZxAkuAUc9z4nP6lk7h5mme3HsmRYRDw1VlOhXx3qu4CTJOVspR47UnLf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8470cf176e736f75-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
bg-fonts-banner.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/bg-fonts-banner.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337fdf6bde582eb79a91438f4e94e18f561fca951ddd60e889eb97bdd88e6a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBwOX8wG2x7qxxgNf%2B9qleT%2FExQ6umqO9nYQi37ftad1%2FE3KB0MDYQZ91FhSDakDKeteQGDddH%2B3cLxgawO6ukZW%2BxHE0%2Frx6Q5M08Y%2FxCGPLTGzUQppq2aJWkbNwEZXeKK6BbY%2Fc16cWho%2BwvWKz6w%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf17cbee7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
Green.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/Green.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fcda8c28954b2de717433be0e43566b7fb8d30105917a077689b0562e2ba1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTKFdBS595adBlURchhf91qrXwce8u3irNT%2BAZBj2jYMOn6NDrU3PE5Pcn85iXFOnop1qAKPhpBEiOlj8zsO3dAPzacNb9KwJFMrgy1YyeoOyzGMVQRgwZBpiv6GLMKgrrAsFq1Mah5d6nqteUW%2FFqi0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf17cbf07008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
PhantomBlack.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		288 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/PhantomBlack.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f7ca96a7a9ab0c12db0f7fc54c15526fe8027ea6041667ec805613ed628dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y3N%2F%2FqJtym3tIcAPrT2LRhSd4TatA8LaNKSlbmQXk%2FVj7pUt9rAb82HaQDDVwH9y%2B0Ff9Xo30a0KgBHAB4DbJSi840PQqW9B7U%2BOrZItLwRGXKc6OjCmD7CbY9G25atrzVSREmxBI%2FloKu%2BxMyZ2GWY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf188d8d7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
Cream.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		316 KB
317 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/Cream.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4fff8f7e101118debc0fdb5c65515346ed0c2aa24323f04862b92721dd9d8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDn0Er4uCbhk41axGk99X8a0I17V7TzLj0sWQNxLmKEBANQEBL2e9Rqqrlz8tMn0cxHCS1WFw0prnu9yTSvbEunjRVPZTcA6qOpJiDH8br23tEwB0i9Jem3F9NWg8Cgj3FYPg3c2%2F3oBgM9PIdhk5NP2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf188d927008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
Lavendar.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		395 KB
397 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/Lavendar.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107cd1bb5bcb72211b4e5022b4824ea8d8e33e4542ed21c7beb9871a71488d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1Deo4cyq%2FWDDrPeoN9rWmuvVNOz0sHHvDoKLa3uzBIja0RfMWJ%2Bxh6ZNtYiF0FZ8fNutH0eOcM7rAu4WcaPmVTWz2k42NLSX58LXraTVEYOOqsDyJwZZrKtLP3Vqs3i7D%2FNELYfHuisitNxnn%2FtCJo3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189d967008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://claim.lovelycampaigns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1613439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6955
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5f30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FcIMqZFDRNy6VWy25so7CmT5nduCwhaxFuB8kG8%2BxkfmiA48TYekYIL8z4bl0LD9KDJ4WcoLLMUMKG5zjlUwjLj5AjVASrSFbtqYM9yhKFUCEay9kE24eEqg6ez9tF2vc9N2a%2B8bMW0iOEp%2FeIXC2JF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8470cf188c9d9034-FRA
expires
Mon, 06 Jan 2025 18:54:49 GMT
showcase_img.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		681 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/showcase_img.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be53cf9394991f40e6dec88367e8e8d04e5373397f5c6b10518e7dc7e2567c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCm%2Fv3MzrC89EYBNctiQLbLaUkcYFZkOh0Y1HaS3kaGQwEAK4zkTXB6ZMA%2BEhjnjfOVtmyGH%2FOtpgziEEr8AcT6NLC3ugajodYWmFI7cgWbrg2MXBxoD40F%2FMf8%2FrfkDr8YYug17C5lW%2F0%2F3mEAkFpY5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189d9b7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
standard-img.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		236 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/standard-img.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f85aabdcb5b16cc66499baf53f3a9e02e14772144f9767e9d76df5b4b26d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01WtxmZMXHUxdk7xixMV8FrDkZjvKShgZ0oRJMDWjIlZVRDElzxtHM7EbEDVxtznwvHMHFOVPitcNEuN6HA%2BPuRc6%2BmsmZoMM0s21d%2B6OTM2eMHDCgWWkXzfmeJDXM1JyO2RfIr1%2F41TVYzc2CqegTqP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189d9e7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
standard-fonts.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/standard-fonts.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc78b2933250770c20afeb40b8a1686e30827081e783c8f06edb42c4d21c12ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKvOM15j7s62fZpZ6aHpIK%2BQ84hh48Ko5kwhla1wniGgMjzeXhNdyGauPNq7WK4ff2JnECveQF0grE7BHY8A8p89dcFzsTwalbCxN9NvWpmtp2xDENqLZIPgWNiTzWxtJNnMZNb3JtySspG48fDEIRp%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189da27008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
camera-img.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		577 KB
579 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/camera-img.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d10f0cca2be54c77ffb65c3e00661c8d9e189322dfd168609f9803108a0070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qweLz1pj9kh0Fr1sWtnTaQnhiWqoXA%2BFQW8Aou9pCZmSfsyFl60EHt1yNS3%2BzriRHyI740ZW86QlP9DBQvzYE%2BY2ulq3krJTQlFKcDjSm55CF54Kt2XtxJmsabWtpB0zxE8jkksIhEU2TE7SGqAsODTh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189da57008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
showtime-fonts.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/showtime-fonts.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2da61d889d6e41d901651e21ee1cf5aa36e9d77c2f3eb53969e3dbd38b104ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn6GbGQyKacoETQzuFTvH%2BwhqyOaUqyA8TycXXhKqPiNVlgxgmwiAZ3jTxbKT7YcQZtVw75h0879ulApo%2FCK8cp5o5Z7uR4E5S%2BnyzS2dbUFjsl2Neov9seQe%2Fnv1KHTlFtkLcNfvew%2BbazOKW%2B2PXfC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189da97008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
mobile.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/mobile.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033b95a3263366344e9adc1c5c13983d69d3a4b96e467ca4c5b0e3bd30c6a772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPkAl1p6yGp43s5rHoDBWqk1ZCLkVo0LPxPwAGTYEWv%2BpHUBFfUbKbMzBukr%2Bp4yectqLXGy9n3WbIvw78ECFsQ%2BXSrAVXTeXrB33%2Fetf79WNHRXFAsOFJ2sLOxqvotPSWc6oSkQYj9UIjXMWaXNhCBE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189dae7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
night-camera-img.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		830 KB
832 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/night-camera-img.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f234f1e17db9d25a49db0b68984a97aa68eb6d0187aa441efedf48be1cf8908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbbpYNSGWqiDtizpds6Q1jZc%2FipezA2PWVbNcXU3kgsyYPTwg342CpV3KcjQKRIY7LYZpisD9%2B0F2xpa04tqrAqoSCQj%2F7BNnfLnCGfw5v0knLTBdGWYYa%2BN%2FZ3PnsltzmNQB%2FFBUDm8RyezBywPKUBd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf189db17008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
selfie-img.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		832 KB
834 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/selfie-img.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c946774423a164b0f47335dfab52774e9c41c0af474bdc71facae3bf1392e3f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxNt35mugSzcyKZxuR2kKfU6dwqSU1vZOzamWI0TkSJVrBH5eME6x7k9ueSvvN3ihb5YQMxGX7Aipf2z7D84TRFWWR7R2UZIJXAPGZJcL7jxj4ujllPCuPOHDds3V%2BGs4vLv8x0Yl8xT5FadL7%2BAJrqW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf18bdf27008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
everflow.js
www.trkflyingflaps.top/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.trkflyingflaps.top/scripts/sdk/everflow.js
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.141.250 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3a9d4b4be340ec38b5fdb35564a950a53210eb985c437fb9d043c708284e29b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000;
transfer-encoding
chunked
x-xss-protection
1;mode=block
referrer-policy
same-origin
server
nginx
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=14400
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-eflow-request-id
53cba39f-e2e8-423e-8062-2cc828a0d83b
samsungsharpsans.woff
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/fonts/samsungsharpsans.woff
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f647cf7d33a55d8fd992b2119ea0ea5c6b42371eb97dfe95bd0b200b2d8476e

Request headers

Referer
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Origin
https://claim.lovelycampaigns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81
alt-svc
h3=":443"; ma=86400
content-length
70396
last-modified
Wed, 17 Jan 2024 05:52:48 GMT
server
cloudflare
etag
"65a76b30-112fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRfa%2BfMSwU0Z%2B%2B%2BzauKj7MhdDBgaAgHJcvtEjn%2F%2Fdu7cKELivT5oJUbU%2Bbx6YW0YvTO4iZRMkpV1xTcoqW3tpuJGhnjWGiBTFEayTR3vpamAq%2F2x7%2FYRerWHH9cOwMzzcbOeTNLD%2BVsDO6zXt21UuymG"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8470cf18e9a16645-AMS
banner.png
galaxys21-netizens.netlify.app/images/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galaxys21-netizens.netlify.app/images/banner.png
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
83beb3b32e21af030692597f0205543a1c2c44a091c1510ee25be26bf2da1a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn1.liquifycdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMCCDAWHA1VWHWFQFGNCP39F
date
Wed, 17 Jan 2024 18:54:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
74704
cache-status
"Netlify Edge"; hit
etag
"a147f0d96a4c64206ed32a7a1d5f3fa9-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
293868
samsung-fonts.svg
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/samsung-fonts.svg
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d0027d10a8c7c9f4d02f1d36ea8c2fa578d2dcca50fdcee4c3b4eed9065ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F%2Bz2O1zWaNPrFrfaSNJqI3vfcAykpy50fQyCfhD39uBuspNBD%2Ba3fnVvCM69ITpo3ZrMQnjt4RRrUkhtXCwGio31AHKJyNwWTqmg6KSRqh9WlV4zW53n1nmpYByqwXDdnRZaLoPcGk6IaS275Gx%2FU8x"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
8470cf18bdf67008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
galaxy-fonts.svg
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/galaxy-fonts.svg
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338c25e6117d75ae56df8c1bd9fac7ab54cad66e7087e5d8164b9e4f9b317384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThxOpTXZtrlC51qdDfSCxaLJ9UpGrhBciWZjcYDyEZokv3hh%2FcnH1qSfLDJEE11ibIuQPr4mMF%2BOQrJoH%2BxVpmQowIKUj4T%2BiuqR%2FCsWrHtibsSbUa75D9B%2B%2F3Wu2%2FQhm0kXfjCAFJ0%2Bz0LzMdVkwH5%2B"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
8470cf18bdfd7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pink-element.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/pink-element.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96c30f9764cf709fd57bf780cf71878fa64db12513f63da9cc408cd716ad807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ll2Xw2mriXEQmvXnbMKTK4IIW%2FYPhYVXK4O%2BKE8oB6Xv8TaBP1r0y5KXBhvMb5G66dkbFo7XiNxVzpnajh0vO8lx8ihSiOFNu5%2B7RF5TGYsZtF4RDSmpsi53YVGm5rHWfaDiLyWnw80rHwmUmYGYPDZF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf18bdff7008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
brown-element.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/brown-element.png
Requested by
Host: claim.lovelycampaigns.com
URL: https://claim.lovelycampaigns.com/79c0bbe2c8dd0c340fd3626dbba6550562599337?oid=565&affid=127&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&sub1=697262356&sub2=11192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac5b10ed0e1828cf0201089bc7bfe97079ca53863589088f4772962e407ff17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmbeKACtGjQl8%2BPYcSaOwESFjlR8v9sSxFs7eoBOG0IQBntyuKZBLesd7uNZX3LAdm0d01trzijxwGdL8YClw6iJCxVqd0bFswNi%2Bn1eT04Y2tYZx%2Bp0NElLRP4MAuJg8MlYXaHP7zgySmQ7oy6EA4dz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf18be027008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
game-bg.png
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/images/game-bg.png
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
669da3934894028050f4ddccc539952284f3353e252f98beea0450d524eb92d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME%2Ftmmfq2Csm18c5MLFUgVHaaMnJKKIsl4ULLrgqe3hLgt3e4B%2BzxJpykEPUy4V2dVzJcniwfcpemHwqFlc9jJqPjpoFnVMQzzIuzeXz88MWp5ikokIRwfLcTW0li1ON4Jb65TuLdO9Ap14yIATiZkJH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*, *
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8470cf18be057008-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
OpenSauceOne-SemiBold.woff
cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/fonts/OpenSauceOne-SemiBold.woff
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4baad46c4ea17f2d7a92377bbc09a6ddc0e0e3d24f21dd34e06447373bf50dad

Request headers

Referer
https://cdn1.liquifycdn.com/cp/samsung-galaxy-s23/assets/css/styles.css
Origin
https://claim.lovelycampaigns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81
alt-svc
h3=":443"; ma=86400
content-length
32184
last-modified
Wed, 17 Jan 2024 05:52:48 GMT
server
cloudflare
etag
"65a76b30-7db8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3KUqec5xg8wFl%2BKvH8slxe%2FKZ5VPHQWbd%2FBlkIF2Jl7hI20G6bW5mtMJODH5onGHxOflf0MHsx3iYARxyniozzIwpC0dnz98uHqQbpcoDRsYIU2JKi8O0LVoPwh9IKf6hRG%2Fm99vkbT5C6wV2eZXP3g"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8470cf18e9a36645-AMS
click
www.trkflyingflaps.top/sdk/ 		87 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.trkflyingflaps.top/sdk/click?effp=4e4dc212847a88a2b03606154a10c606&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=75026c51a53e4d13b8b863b7d7eaeed8&oid=565&affid=127&__cc=&async=json&sub1=697262356&sub2=11192
Requested by
Host: www.trkflyingflaps.top
URL: https://www.trkflyingflaps.top/scripts/sdk/everflow.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.92.141.250 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e4f08aa135138e25123d95b56533b93b2cfef08fa7134a5a5d71ce0f8fe90775
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://claim.lovelycampaigns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:54:50 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;
content-length
87
x-xss-protection
1;mode=block
referrer-policy
same-origin
server
nginx
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://claim.lovelycampaigns.com
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-eflow-request-id
f68fea7e-0af8-48b6-be30-b5db6e53a686

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| __RB_showTerms function| isMobile function| Tabs function| myFunction function| isTimeSet function| secpass object| EF object| aab5b6f32db34ee099f633e69fea35248 object| a5a9c0383a46d3e1a8586f69857173e0a object| a5e9eaef9f5a9599d7413a7afe4cb9c8e object| aef6052c5c0420891510eaefd71bdb4c9

13 Cookies

Domain/Path Name / Value
apdgog.com/ Name: uclick
Value: 1mwhb4u3
apdgog.com/ Name: uclickhash
Value: 1mwhb4u3-1mwhb4u3-wh3y-nt0-ikk2-e8fyi4-6jpmbl-736698
.swpshdnmkt3.com/ Name: sid
Value: gPytJyJcCCpCt5tKb9pjyAz3eRzHa3qZp/0/5ehXiKSYScvR0jpqRg==
.swpshdnmkt3.com/ Name: trk
Value: 1Nov2yF92b5FkGTuI4uwvgz3eRzHa3qZp/0/5ehXiKSYScvR0jpqRg==
.swpshdnmkt3.com/ Name: c32367
Value: gPytJyJcCCrBVsFduych0IgsdW6OziOWeQ7xdyuC/J6ha2bU75+M6Q==
link.hellosixty.club/ Name: XSRF-TOKEN
Value: eyJpdiI6IkI0eEg1OWhOVXhuZHc3ZVB3Nk1JVVE9PSIsInZhbHVlIjoiQ1VEUG1LK1c3dnRwZHNvUVJaMjVuOVQxVTJ0bHdkcGp6MzdzT2NXeGR4YkMzUWY1bTllUWhmR2V2Nzg1cGFEZG4zNGd3ZWI3dzJ2cGI1TlFlWkNaR0RUNFFqWkFCNXp2SXZKUWRZeGk4b0E4ZjBXeUc0SWRib00rcVQwSk0xRkQiLCJtYWMiOiJhZDJiYWI0OTkzNmY4MDliZDE4NDUzZWFmYTViZjQ1ODJhOTA0NzY2ZWI2ZDRjZDdmYmU3MDVkZWNiZTc0Yjc0IiwidGFnIjoiIn0%3D
link.hellosixty.club/ Name: spring_session
Value: eyJpdiI6IkVyOHR4QmU2YjRCV3dJN0VpMHdjQmc9PSIsInZhbHVlIjoidmtIMGJkcm52SFM1MTdLWmNvbWprNzl1bCs0b0hRYm1uY1IvcDBIMGppL09tVXhqV0xwcFZRaGo0YldWcXhTbXV3eWxPdFJCY0xQSTlwYjh5bHNZWENnT2pxNWxqNUFHZnl5ZUJvdXVIdDAxS3poZ0dwOHYvYzlnSnEwdGw1QTYiLCJtYWMiOiJjYzE4MGY4ZGI5NzU0M2UzZTYxMGI0NTBmZGIwMTY3Y2U4MzgzMTJjOWJjYjNkNTJjOTg3YjA2YzUwOTM0ZjY3IiwidGFnIjoiIn0%3D
claim.lovelycampaigns.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNFVkw5cWw5UzZXVnVta1J2MWJyMlE9PSIsInZhbHVlIjoic1hxczJNT0J5MVRXSzJhclJ1aXFuTUpQT0RQSVpOdFdHYzhNTzMzZ0NzbUczWDU4ZW02alJoQ1NNSG1CS2hVRXMyZ09PQnJwalRVaVRvYlhpaDZ5d2ZHaGUzUENMSHRTNEI4bTl3QmhMay9SMTZzTzF0REcyTzB3VEpOcDdxM1kiLCJtYWMiOiJhY2YyYjc1YTBiMmU3MjY1YmY3NjA3ZGE1YmM0YWFjYTc1OWVjNjNiZDhlZTM4ZGU2OWI5NTNhZTcyNTRmZjVlIiwidGFnIjoiIn0%3D
claim.lovelycampaigns.com/ Name: sitesession
Value: eyJpdiI6IkJsSkxWTE9xMFpxL1BsQVRpaUlxaEE9PSIsInZhbHVlIjoieGJoQzRMSExEY0xwREl2Q2ZtTlNrdTROTmdTNmxaQXhLU0NuZHZyTnJ3QjZJQ1ZibnEyZzU5MEhrNG5HNURmblpsOWliakd2b21yTGpxVkpVZzlGK2JFVWY4dmdvUEFsTm8rM2lhZ1d3bzVNdWNqM2FUVHFkMXdsSTFYZG9yaHgiLCJtYWMiOiJjZTBiNjBlNTE0NDM2NGJiMTU1ZTk3ZGJiYzY1OTVlZmQwM2VjODFiMTJiODBlOWZkODQ4ZjQwN2ZkMDNjYjgzIiwidGFnIjoiIn0%3D
claim.lovelycampaigns.com/ Name: qeNU9nHavX59cvhCgD7jBkHPgBouQpTsZyBlxDHu
Value: eyJpdiI6IkdnWU5mU0VOWmJlUTJvR0d2UzVzcFE9PSIsInZhbHVlIjoiWk9zb1E4WHcvMklDbGRNYUplNHNXZytVNENzQXhzaXplUFFiMHI2Z1VROWpUTW1nc1dabEhqK0NTWlBqU2thVWFtMU51V3Y0R1k2SVNMMnBqODFaUm1RQVJCVFlxcGU0ZXBMbENEeVRkaVB4S3NaZlBUUm1RYXVaWmdPUVpjdjRPTnFPRExaLzl3R1FiY2dhb1gwcTY4cTd1V25RTDlxZ21DMXVCNnUwRWJaaHVlUHAvVjVtaVhJMTFyc1ZPcWJkVzB1SHJEd201WjhmTklPMXI4QXY4K3VvcGNieEJzUm4wQmZmVzFXL3d3OEMxbEM5RzFBam9MWFdEd0ZPVWJXdG5OaytDdDNCMXlxbnBHOWZIN1dBUkFQWFpsQWhCT2VWeXlwQXBUbUJncFBVc1Z6RVdtdGdCQmxONXhwV3pJVnhjSld0ZVY0ZWJkbTJDeTdkaUFBREJHMHNXYzRVS0RoMnVtK1VETkJiNUcvT1Z6UDRlOWRXcXJxU1NwRmlxdStWeUNzYVYwOGsyQ3o5VWluOUozMVBEYThTUTYwaFg0L3VUSFEzdVQ4UGtxU08wNXhkV2JUTzQ0VlNVd3NWOXcyZEFyRCtJTkhNV2hrbWJXMkxMOS9OM3RIUFplZkVHSEtCTUEvUjVmOHVzSlI1c1Z3aXg2MElkbEZaZWprNEFwakY4SHdxUU9Ld2FTU1dlem1UTGFPRjd1bE9ZRG96c0tFZDd6MmhpSUdLSFFQa3NHVUhRWTF1Ukc0aER3RnVwSW0vRER3bXFGN0EyOFdmR3I1dTk1eVNSRis2SU1IR3pFaHQybkJNdk81Zm1BejhnbnloK0wva1NDVElMejdHTHp4c0JvbUtnL1NwR2pZQUwrak04S2Npa3hidTRRVU1wTzk1WGVtTnVaVm1HSHNFbDFPQytyTEVhSmY5R0pDTm13ajNOQnJyZStJTHNiRGdYN09jMksreGdRTjZ1eGNTT0pVTWFrWU4xc3c1K3hGb3lVLzJoTmF3MWVhdWwvVHlKcnFuVnpoeEg2TkJ2b0lGd2xoZ0F0V3EwOGMyUFJSVlA3TGVsQmRHWmFOU1V2NkVMN3BrdG8zeHNOZUw3NXlVMmtUSnp3RnZXMmdHUzgyV2JyT0hDcVNxZXZLUUZrZFpFdmlnRmZ2NWJqUGVaSmN4ekIvL1E0a0I1TUhTYm5VaSs2Zm1uQXdva0JKMnQvaWJSdHdRRTljNUxFcDRsSmlrQkFSUVVueXQxb25hTUtMWmdrT2c4YzRoVFpuZ3dDRlFFc09iWmdaOVdUMFEzT1NyM3RodEpiYWRUVXRXY3FEdDRZK1prcHA1M296TWJUL3JLZWJ6UFVDcWltbXFsUkFMNmtjL2JQS1FwM2N2LzQwMkdhcjM3am00NWhJZUNGYlhRWEJWZTZtWGRqclpzaURyL1VTbW9VQXA4T1lTbGZpaFh5RVJXNWtLb0pTZXpLQnE3dHdWUEdQa1RTS1JKMC9aOTFsYlZZY01oUFNGRzRaV29qUTFvZjRpK2tuV1ZkdDlkZ3luT1ZNMDhidm9mdm9uV2FOTHZKRkc0OVFIbitaTkh0UXlFbVZHWVk0djlVQ1YwdEpPbGFzdk16SXRmMGJOR2xXWElqamNOM3hpWmlNRkJUNHVYR1QraXdyZ2VpbHpUcTBMZElUaklFWDBjaVdSeG1hWS9US2hUeEl0VkY3cEYvU0ErdFplekl5S2txS2lnandNWlB1eWt2RHd1dEEvZS9SMzlrMjkzbGhLdXYwPSIsIm1hYyI6IjgxNWRhZTEzMGI1Zjk5OTZiYjg2OGMwNmU3MDkwZGJiMDI5Y2E3YzJjOWNhNTgzMGNmNzY3MDgxZDQ0ZjdkNWIiLCJ0YWciOiIifQ%3D%3D
claim.lovelycampaigns.com/ Name: ef_witness
Value: 1
claim.lovelycampaigns.com/ Name: ef_tid_c_o_565
Value: 75026c51a53e4d13b8b863b7d7eaeed8
claim.lovelycampaigns.com/ Name: ef_tid_c_a_3
Value: 75026c51a53e4d13b8b863b7d7eaeed8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apdgog.com
cdn1.liquifycdn.com
cdnjs.cloudflare.com
claim.lovelycampaigns.com
galaxys21-netizens.netlify.app
jadetodunk.com
link.hellosixty.club
swpshdnmkt3.com
www.trkflyingflaps.top
www.wegetallgold.top
162.0.224.56
164.92.141.250
168.100.9.32
2606:4700::6811:190e
2a05:d014:58f:6202::64
2a06:98c1:3120::3
52.54.170.235
033b95a3263366344e9adc1c5c13983d69d3a4b96e467ca4c5b0e3bd30c6a772
0e4fff8f7e101118debc0fdb5c65515346ed0c2aa24323f04862b92721dd9d8a
107cd1bb5bcb72211b4e5022b4824ea8d8e33e4542ed21c7beb9871a71488d97
2ac5b10ed0e1828cf0201089bc7bfe97079ca53863589088f4772962e407ff17
338c25e6117d75ae56df8c1bd9fac7ab54cad66e7087e5d8164b9e4f9b317384
3f647cf7d33a55d8fd992b2119ea0ea5c6b42371eb97dfe95bd0b200b2d8476e
4baad46c4ea17f2d7a92377bbc09a6ddc0e0e3d24f21dd34e06447373bf50dad
4c5b8481febc886b3a96d81e477c3a09e5ca850c0f265d23c52baae54571fdd1
4e928a26f8534ed090e7bd5763b0bf58debb58fb28aac9fc99775b54137eb6f1
58f85aabdcb5b16cc66499baf53f3a9e02e14772144f9767e9d76df5b4b26d86
669da3934894028050f4ddccc539952284f3353e252f98beea0450d524eb92d5
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
7be53cf9394991f40e6dec88367e8e8d04e5373397f5c6b10518e7dc7e2567c5
8337fdf6bde582eb79a91438f4e94e18f561fca951ddd60e889eb97bdd88e6a0
83beb3b32e21af030692597f0205543a1c2c44a091c1510ee25be26bf2da1a0c
98d10f0cca2be54c77ffb65c3e00661c8d9e189322dfd168609f9803108a0070
9f234f1e17db9d25a49db0b68984a97aa68eb6d0187aa441efedf48be1cf8908
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a9d0027d10a8c7c9f4d02f1d36ea8c2fa578d2dcca50fdcee4c3b4eed9065ba4
b49b20cdbad56c453c5d782fde1a3d33adad8f527c8c6bf5cf4e76b3bdd46a0f
bc78b2933250770c20afeb40b8a1686e30827081e783c8f06edb42c4d21c12ff
c2da61d889d6e41d901651e21ee1cf5aa36e9d77c2f3eb53969e3dbd38b104ff
c8fcda8c28954b2de717433be0e43566b7fb8d30105917a077689b0562e2ba1f
c946774423a164b0f47335dfab52774e9c41c0af474bdc71facae3bf1392e3f1
e2f7ca96a7a9ab0c12db0f7fc54c15526fe8027ea6041667ec805613ed628dd8
e3a9d4b4be340ec38b5fdb35564a950a53210eb985c437fb9d043c708284e29b
e4f08aa135138e25123d95b56533b93b2cfef08fa7134a5a5d71ce0f8fe90775
e96c30f9764cf709fd57bf780cf71878fa64db12513f63da9cc408cd716ad807