g2aweeklysale.com Open in urlscan Pro
139.59.199.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://achraflz3er.dynu.net/r.php?t=c&d=168214&l=1056&c=1673
Effective URL:
https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=N...
Submission: On January 28 via api (January 28th 2020, 4:56:44 pm UTC) from BE

Summary HTTP 90 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 16 IPs in 7 countries across 19 domains to perform 90 HTTP transactions. The main IP is 139.59.199.9, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is g2aweeklysale.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 10th 2020. Valid for: 3 months.

This is the only time g2aweeklysale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.213.174.74 188.213.174.74	31034 (ARUBA-ASN) (ARUBA-ASN)
1 1	169.61.31.226 169.61.31.226	36351 (SOFTLAYER) (SOFTLAYER)
1 2	2606:4700:303... 2606:4700:3035::6812:32dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	185.128.34.116 185.128.34.116	29396 (UNET Unet...) (UNET Unet Network)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:214... 2600:9000:214f:8400:2:7bf5:a0c0:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
6	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
7	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
6 29	139.59.199.9 139.59.199.9	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 4	52.11.114.101 52.11.114.101	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:214... 2600:9000:214f:5c00:b:413c:b700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
90	16

1 188.213.174.74 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: host74-174-213-188.serverdedicati.aruba.it

achraflz3er.dynu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.61.31.226 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: e2.1f.3da9.ip4.static.sl-reverse.com

www.coverbits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6812:32dc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.trlxcf01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.128.34.116 (Netherlands)

ASN29396 (UNET Unet Network, The Netherlands, NL)

yourdailygift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:8400:2:7bf5:a0c0:21 (United States)

ASN16509 (AMAZON-02, US)

djjcyqvteia9v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 139.59.199.9 (London, United Kingdom) 6 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

g2agiftcard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2aweeklysale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.11.114.101 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-114-101.us-west-2.compute.amazonaws.com

right.tracksz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.freegamelabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:214f:5c00:b:413c:b700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.cloudcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	g2aweeklysale.com g2aweeklysale.com	1 MB
15	yourdailygift.com yourdailygift.com	1 MB
11	cloudcnt.com cdn.cloudcnt.com	220 KB
10	g2agiftcard.com 6 redirects g2agiftcard.com	3 KB
10	google-analytics.com 2 redirects www.google-analytics.com	91 KB
7	gstatic.com fonts.gstatic.com	72 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	144 KB
5	googleapis.com fonts.googleapis.com	4 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	36 KB
2	freegamelabs.com 1 redirects play.freegamelabs.com	3 KB
2	tracksz.co right.tracksz.co Failed	3 KB
2	doubleclick.net stats.g.doubleclick.net	204 B
2	cloudfront.net djjcyqvteia9v.cloudfront.net	27 KB
2	trlxcf01.com 1 redirects click.trlxcf01.com	3 KB
1	ad-score.com data.ad-score.com	715 B
1	jquery.com code.jquery.com	30 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	coverbits.com 1 redirects www.coverbits.com	570 B
1	dynu.net 1 redirects achraflz3er.dynu.net	386 B
90	19

	Domain	Requested by
19	g2aweeklysale.com	g2aweeklysale.com
15	yourdailygift.com	yourdailygift.com
11	cdn.cloudcnt.com	g2aweeklysale.com
10	g2agiftcard.com	6 redirects yourdailygift.com
10	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com yourdailygift.com g2aweeklysale.com
7	fonts.gstatic.com	yourdailygift.com g2aweeklysale.com djjcyqvteia9v.cloudfront.net
5	fonts.googleapis.com	yourdailygift.com g2aweeklysale.com
3	maxcdn.bootstrapcdn.com	yourdailygift.com
2	play.freegamelabs.com	1 redirects
2	right.tracksz.co	yourdailygift.com
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	stats.g.doubleclick.net	yourdailygift.com g2aweeklysale.com
2	static.hotjar.com	yourdailygift.com g2aweeklysale.com
2	djjcyqvteia9v.cloudfront.net	yourdailygift.com g2aweeklysale.com
2	click.trlxcf01.com	1 redirects
1	data.ad-score.com	g2aweeklysale.com
1	code.jquery.com	yourdailygift.com
1	www.googletagmanager.com	yourdailygift.com
1	www.coverbits.com	1 redirects
1	achraflz3er.dynu.net	1 redirects
90	21

This site contains links to these domains. Also see Links.

Domain
gfunsubscribe.com
www.myoffers.co.uk
www.emailingnetwork.com
www.economyenergy.co.uk
www.scottishpower.co.uk
tladm.co.uk
www.clcworld.com
www.aditus.uk.com
www.nabuhenergy.co.uk
www.boostpower.co.uk
www.mygreenstarenergy.com
orbitenergy.co.uk
www.carphonewarehouse.com
www.datablazersph.com
www.inboxagency.com
www.lead365.co.uk
www.iubenda.com
www.dignityfunerals.co.uk
www.homeimprovementquotes.co.uk
www.sky.com
www.edfenergy.com
rendhamdigital.com
www.affilihub.com
emnetwork.dk
www.clicklabsgroup.com
www.webreathemedia.com
www.hotmeetups.com
utilita.co.uk
www.esbenergy.co.uk
www.mydealtracker.co.uk
www.mortgageadviceservices.co.uk
www.advisorynetwork.co.uk
www.globalappliancecare.com
www.britishseniors.co.uk
www.diabetes.org.uk
www.o2.co.uk
homeshielddirect.co.uk
www.rituals.com
www.footballpools.com
wowpage.co.uk
www.amplifon.com
www.repairandassure.com
getprotect.co.uk
pmdsc.co.uk
healthierintermediaries.com
concordfuneralplan.com
www.bt.com
www.gogroopie.com
bulb.co.uk
www.shellenergy.co.uk
permissionmedia.co.uk
www.neptisuk.com
www.outspot.be
www.jobgrabba.com
www.smartinsurance.co.uk
www.discountexperts.com
hasslefreeboilers.com
octopus.energy
www.moneyresults.com
sptwo.com
www.miranda-clairvoyant.com
veriform.digital
allsortedcover.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-02` - `2020-10-09`	10 months	crt.sh
yourdailygift.com Let's Encrypt Authority X3	`2019-12-17` - `2020-03-16`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
g2agiftcard.com Let's Encrypt Authority X3	`2020-01-10` - `2020-04-09`	3 months	crt.sh
*.trackrevenue.com Amazon	`2019-06-26` - `2020-07-26`	a year	crt.sh
g2aweeklysale.com Let's Encrypt Authority X3	`2020-01-10` - `2020-04-09`	3 months	crt.sh
*.cloudcnt.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2019-09-02` - `2020-11-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
Frame ID: 8F5A560C91B8D3CA249392DAEE23D9A0
Requests: 88 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: F6CDA6B7803365C6876714FC14B20C35
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: E5F3357984EA391927BCA9DAA0FEA8A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://achraflz3er.dynu.net/r.php?t=c&d=168214&l=1056&c=1673 HTTP 302
https://www.coverbits.com/J55PK4D/NQLZNLJ/&E=?creative_id=60838&sub1=29&sub2=168214&sub3=75&sub4=1056&... HTTP 302
https://click.trlxcf01.com/click/76EILp9fk09irGK2TX?affid=101698&c1=ce1a9ea58ace4c0788148046cd10883e&c3... HTTP 302
https://click.trlxcf01.com/main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%... Page URL
https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&pub... Page URL
https://g2agiftcard.com/nl_be/tr_tonv_benl_s HTTP 302
https://g2agiftcard.com/exit-url/redirect?externalId=71893db6a952389dac49ef4ed4a16d2a&type=geo HTTP 302
https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=71893db6a952389dac49ef4ed4a16d2a&c8=nl... HTTP 302
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k... Page URL
https://play.freegamelabs.com/click/v3kCw4bh1k6T4Gpgfk?affid=100135&c1=xp83fWOUdx-5e3067bbba4d1c0df73ef976... HTTP 302
https://play.freegamelabs.com/main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsno... Page URL
https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networki... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

90
Requests

98 %
HTTPS

59 %
IPv6

19
Domains

21
Subdomains

16
IPs

7
Countries

3155 kB
Transfer

5761 kB
Size

6
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://gfunsubscribe.com/
Title: withdraw

Search URL Search Domain Scan URL

URL: https://www.myoffers.co.uk/privacy-statement
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.emailingnetwork.com/politica-de-privacidad/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.economyenergy.co.uk/helpful-information/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.scottishpower.co.uk/legal/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://tladm.co.uk/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.clcworld.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://www.aditus.uk.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.nabuhenergy.co.uk/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.boostpower.co.uk/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.mygreenstarenergy.com/about-us/terms-conditions
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://orbitenergy.co.uk/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.carphonewarehouse.com/terms-and-conditions/privacy-policy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.datablazersph.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://www.inboxagency.com/
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://www.lead365.co.uk/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/80473141/legal
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.dignityfunerals.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.homeimprovementquotes.co.uk/privacy-and-advertising-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.sky.com/help/articles/sky-privacy-and-cookies-notice
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.edfenergy.com/terms-conditions/privacy-cookie-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://rendhamdigital.com/privacy-policy-2/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.affilihub.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://emnetwork.dk/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.clicklabsgroup.com/client-list
Title: partners

Search URL Search Domain Scan URL

URL: https://www.clicklabsgroup.com/privacy-policy-2
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.webreathemedia.com/client-list
Title: partners

Search URL Search Domain Scan URL

URL: https://www.webreathemedia.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.hotmeetups.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://utilita.co.uk/terms
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.esbenergy.co.uk/privacy#heading1
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.mydealtracker.co.uk/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.mortgageadviceservices.co.uk/privacy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.advisorynetwork.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.globalappliancecare.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.britishseniors.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.diabetes.org.uk/privacy
Title: Privacy terms

Search URL Search Domain Scan URL

URL: https://www.o2.co.uk/termsandconditions/privacy-policy%20
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://homeshielddirect.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.rituals.com/nl-nl/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.footballpools.com/static/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://wowpage.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.amplifon.com/uk/terms-conditions
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.repairandassure.com/privacy-statement
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://getprotect.co.uk/privacy-and-cookies/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://pmdsc.co.uk/PMDSC_Privacy_Policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://healthierintermediaries.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://concordfuneralplan.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bt.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.gogroopie.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://bulb.co.uk/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.shellenergy.co.uk/info/policies/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://permissionmedia.co.uk/privacy-policy/
Title: https://permissionmedia.co.uk/privacy-policy/

Search URL Search Domain Scan URL

URL: https://www.neptisuk.com/privacy-policy/
Title: https://www.neptisuk.com/privacy-policy/

Search URL Search Domain Scan URL

URL: https://www.outspot.be/nl/privacybeleid
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.esbenergy.co.uk/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.jobgrabba.com/tandc
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.smartinsurance.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.discountexperts.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://hasslefreeboilers.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://octopus.energy/policies/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.moneyresults.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

URL: http://sptwo.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.miranda-clairvoyant.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://veriform.digital/privacy-policy-2/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://allsortedcover.co.uk/termsandconditions/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://achraflz3er.dynu.net/r.php?t=c&d=168214&l=1056&c=1673 HTTP 302
https://www.coverbits.com/J55PK4D/NQLZNLJ/&E=?creative_id=60838&sub1=29&sub2=168214&sub3=75&sub4=1056&sub5=1673 HTTP 302
https://click.trlxcf01.com/click/76EILp9fk09irGK2TX?affid=101698&c1=ce1a9ea58ace4c0788148046cd10883e&c3=9343 HTTP 302
https://click.trlxcf01.com/main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646 Page URL
https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646 Page URL
https://g2agiftcard.com/nl_be/tr_tonv_benl_s HTTP 302
https://g2agiftcard.com/exit-url/redirect?externalId=71893db6a952389dac49ef4ed4a16d2a&type=geo HTTP 302
https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=71893db6a952389dac49ef4ed4a16d2a&c8=nl_BE_tr_tonv_benl_s HTTP 302
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067bbba4d1c0df73ef976%26c3%3DNNACP%26c4%3DNPACN%26 Page URL
https://play.freegamelabs.com/click/v3kCw4bh1k6T4Gpgfk?affid=100135&c1=xp83fWOUdx-5e3067bbba4d1c0df73ef976&c3=NNACP&c4=NPACN& HTTP 302
https://play.freegamelabs.com/main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f Page URL
https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://achraflz3er.dynu.net/r.php?t=c&d=168214&l=1056&c=1673 HTTP 302
https://www.coverbits.com/J55PK4D/NQLZNLJ/&E=?creative_id=60838&sub1=29&sub2=168214&sub3=75&sub4=1056&sub5=1673 HTTP 302
https://click.trlxcf01.com/click/76EILp9fk09irGK2TX?affid=101698&c1=ce1a9ea58ace4c0788148046cd10883e&c3=9343 HTTP 302
https://click.trlxcf01.com/main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646

Request Chain 27

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=458729126&t=pageview&_s=1&dl=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646&ul=en-us&de=UTF-8&dt=Win&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAUADQ~&jid=460081253&gjid=257104942&cid=1028062312.1580230584&tid=UA-129693020-1&_gid=1964637068.1580230584&_r=1&gtm=2ou1f1&z=1011582547 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=1028062312.1580230584&jid=460081253&_gid=1964637068.1580230584&gjid=257104942&_v=j79&z=1011582547

Request Chain 31

https://g2agiftcard.com/nl_be/tr_tonv_benl_s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646 HTTP 302
https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo

Request Chain 32

https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo HTTP 302
https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s

Request Chain 33

https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s HTTP 302
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067b918b768671a4233c1%26c3%3D101698%26c4%3D9343%26

Request Chain 34

https://g2agiftcard.com/nl_be/tr_tonv_benl_s HTTP 302
https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo

Request Chain 36

https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo HTTP 302
https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s

Request Chain 37

https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s HTTP 302
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067b987ff17251737e21a%26c3%3DNNACP%26c4%3DNPACN%26

Request Chain 38

https://g2agiftcard.com/nl_be/tr_tonv_benl_s HTTP 302
https://g2agiftcard.com/exit-url/redirect?externalId=71893db6a952389dac49ef4ed4a16d2a&type=geo HTTP 302
https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=71893db6a952389dac49ef4ed4a16d2a&c8=nl_BE_tr_tonv_benl_s HTTP 302
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067bbba4d1c0df73ef976%26c3%3DNNACP%26c4%3DNPACN%26

Request Chain 40

https://play.freegamelabs.com/click/v3kCw4bh1k6T4Gpgfk?affid=100135&c1=xp83fWOUdx-5e3067bbba4d1c0df73ef976&c3=NNACP&c4=NPACN& HTTP 302
https://play.freegamelabs.com/main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f

Request Chain 76

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=249230177&t=pageview&_s=1&dl=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f&ul=en-us&de=UTF-8&dt=Win%20now!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEADQ~&jid=916958542&gjid=257804098&cid=1783207207.1580230589&tid=UA-111639877-1&_gid=1409428581.1580230589&_r=1&z=470877555 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111639877-1&cid=1783207207.1580230589&jid=916958542&_gid=1409428581.1580230589&gjid=257804098&_v=j79&z=470877555

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

d.php
click.trlxcf01.com/main/
Redirect Chain

http://achraflz3er.dynu.net/r.php?t=c&d=168214&l=1056&c=1673
https://www.coverbits.com/J55PK4D/NQLZNLJ/&E=?creative_id=60838&sub1=29&sub2=168214&sub3=75&sub4=1056&sub5=1673
https://click.trlxcf01.com/click/76EILp9fk09irGK2TX?affid=101698&c1=ce1a9ea58ace4c0788148046cd10883e&c3=9343
https://click.trlxcf01.com/main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c7...

235 B
530 B

385ms
384ms

Document
text/html

2606:4700:3035::6812:32dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.trlxcf01.com/main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:32dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: click.trlxcf01.com
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: __cfduid=dba95b0b41548c37be5d879ebe9b78ce61580230581; AWSALB=lBrsYafV/00AMisFZjbbWVqFw1vbH750w8Gn1I6fyAIfnPdZHluku4TPP5dMkYKXIsg5LYkIrP9eI0Oyh47G4/o7277nKSZhPDp+hX64pXGxyIypKXGlhqBTsrtw; AWSALBCORS=lBrsYafV/00AMisFZjbbWVqFw1vbH750w8Gn1I6fyAIfnPdZHluku4TPP5dMkYKXIsg5LYkIrP9eI0Oyh47G4/o7277nKSZhPDp+hX64pXGxyIypKXGlhqBTsrtw; XSRF-TOKEN=eyJpdiI6ImVzaVRSU3JXMVl6b2NndmpnQzBqSGc9PSIsInZhbHVlIjoicXgrU3lmeFZLWXhoTUF3QVNXZ0RiR3hpRVQrRlBQTUYyelo0ZE1Oamp0cDJwRmJaTURwVWNEZmdMMW1JRDRsK291NStDUEthV1ROclZpWjJLNTI2alE9PSIsIm1hYyI6ImM1NGEzZGMyMDhkYWEwNmQwMmUwMTI1MDIxZDFmNmQ1YTIwNjUxYmRlYzRmNzlkMzcwODQxYzg1YzlmZjQ2NTIifQ%3D%3D; session=eyJpdiI6Ino5MXlcL3lhMnZLUFpuT1pJNTdWZVBBPT0iLCJ2YWx1ZSI6IkFmWVJUSUNmSVwvZVd0bVpncTZ0dXI1V3g0c2c3MmcyNEJkU1BPaWRiNG9ianY0RCsxamdad0xNU1wvT0prSnhCYytQVk9qd0J4WXpRVFpXT2h5MVhyR1E9PSIsIm1hYyI6ImU2ZDc0ZGU1OGEwZWI4YzIyMDE5YWU1MzcyMDdiYTYwZGU1MjZkMTdjYmVlMzc5ODRmZTVkZjcyZjczZGQ4MGEifQ%3D%3D; ept2=eyJpdiI6IlRTXC8wN2IwUFVTc1kzOEJzTkxDK1ZnPT0iLCJ2YWx1ZSI6ImVuSXptdVczOFNoQjFUak9TTU1IVzJjdDF2SEhKMndjZWRhOFVkaEZ6V1g0bHZ1eWc1Y1NyUzg2bDJXR0lKckUxVmpWdHB5N3cySmw4YlJoY3YzUzlYVXExcnpKa2NVb09Bd2g3VXQ5bURxWHZDQmtENHVKM282WEZrXC9lakQwSjQ5cHN0S20xZDNRcGpPQUM2eGt2NjJUUTkwanpXY3FtWWVoNEtyQzhkNUs3YndCOHpLRmFqVXRYMlUrR1o1OHgiLCJtYWMiOiI4ODIyMmM4YjBhMjExMmE5ZTZkMjY1ZTYxYTUwMjZkN2ViMzBlOTkyZWE0ZjI1YWQyYjk5OTg3MmRlMDdjZWY3In0%3D; 6IP66zRmGMtUXHIk3nr7Ad8VA0C5NV0DmEkBK5ef=eyJpdiI6ImlNRitremE2TnRKbmt6N1prR0lDeVE9PSIsInZhbHVlIjoiRnc3TkM5cWxmVCsrTkNLM1M2Kzh3ZWVZU1lVcnlweHdtRnBpMlVmVTFUUUNKbE9nZlpYcW1xZE4xUmZyNnRvelhaSHhFYTE4bHkrd0pUT2F2cTJlTjVWTUFkVFBORVo4c1NqN2g4WVBYOXFiWXFZa04xQW1nUzBWODQ0MFNmbENcL0FtclZWOUFRM0JhTUkzeElyanNXclExdFZtTUpUWll5YW5WVVdXY3FnY28zQXB4R2t6VlgxUFBXQ1FiUmJURjI5OW42K3h6bFlOaEcwa2tHcU1oOHFXQ0NRcjJvQ3FNUWIwKzBsRXMrTlwvcnNkem40ZDhXUmRWeFlGUFc5YkxCdjZyTmN3aTJYU1BaQm5HZDJnQmgxdmQ4Y1h4R1NsMW00OUNXWTZVNlpnbnlFZmFkSFNQM25oZDNvN05vemZNeDlFMSt0NzY2Y04zblZuaHBhZW1xTmU2QkJMa0F4aWxoNURpc0k0dlNFV2EyRWd6T25NWlZPYTdiZVlRMGlXRE9rQ01KZzRqcjBrVGd1NGhtTnN2TXk3K0NOSXZMNDg0RzdwUFMxQXVPbW5xazNUZUtOd2l2c0lyVE0rb3Vya2JtSFdZa3VVYVBcL3Jzd2xrNk5wZWp5Tm5zekxcL0I0R0M5TW04WnFqZWxmaDNibEw3UnV4ZjU1R1BGVktaZ3U2VUhGcWpMRVwvVlwvdEVLRWMrclwvblRpR3V4RzE3VkZhbHZMT1p4RCtcLzdJRmsrNHZJWTRuVkU1WEo3cklrRlVpR0ZibkhJeEZZaE1TZnp4RDFNRFNDbzlieTJ1TVk1aVNWY09KRGh3TUNoREhweTd6WHo1N3lSbVwvd3AxZzdmUUczcDhRQ3VMTUhsU2ZoQjFpWU53VTZFNmpzeGc9PSIsIm1hYyI6ImI4NDhlNjA1N2UzZDcyOThiNjgyMDQzMGY5NTRhY2JjMjE4OTgzZTUyZjY5NDAxNWFmMDc1N2RmMTJhNDRkN2MifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jan 2020 16:56:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=Toq7mYpkDNKZArDopfMvohXkf8Vhq1NR+wkhXCt+krdeJwsAabdSrptFTlXbP05Is9GoIiOjPPCmOMMWv07SGk8/+pBoJ0/5MneNvY+KFvTFdu3nqhP5qEDEyVng; Expires=Tue, 04 Feb 2020 16:56:22 GMT; Path=/ AWSALBCORS=Toq7mYpkDNKZArDopfMvohXkf8Vhq1NR+wkhXCt+krdeJwsAabdSrptFTlXbP05Is9GoIiOjPPCmOMMWv07SGk8/+pBoJ0/5MneNvY+KFvTFdu3nqhP5qEDEyVng; Expires=Tue, 04 Feb 2020 16:56:22 GMT; Path=/; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55c47fd4eb9796c2-FRA
content-encoding: br

Redirect headers

status: 302
date: Tue, 28 Jan 2020 16:56:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dba95b0b41548c37be5d879ebe9b78ce61580230581; expires=Thu, 27-Feb-20 16:56:21 GMT; path=/; domain=.trlxcf01.com; HttpOnly; SameSite=Lax AWSALB=lBrsYafV/00AMisFZjbbWVqFw1vbH750w8Gn1I6fyAIfnPdZHluku4TPP5dMkYKXIsg5LYkIrP9eI0Oyh47G4/o7277nKSZhPDp+hX64pXGxyIypKXGlhqBTsrtw; Expires=Tue, 04 Feb 2020 16:56:22 GMT; Path=/ AWSALBCORS=lBrsYafV/00AMisFZjbbWVqFw1vbH750w8Gn1I6fyAIfnPdZHluku4TPP5dMkYKXIsg5LYkIrP9eI0Oyh47G4/o7277nKSZhPDp+hX64pXGxyIypKXGlhqBTsrtw; Expires=Tue, 04 Feb 2020 16:56:22 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6ImVzaVRSU3JXMVl6b2NndmpnQzBqSGc9PSIsInZhbHVlIjoicXgrU3lmeFZLWXhoTUF3QVNXZ0RiR3hpRVQrRlBQTUYyelo0ZE1Oamp0cDJwRmJaTURwVWNEZmdMMW1JRDRsK291NStDUEthV1ROclZpWjJLNTI2alE9PSIsIm1hYyI6ImM1NGEzZGMyMDhkYWEwNmQwMmUwMTI1MDIxZDFmNmQ1YTIwNjUxYmRlYzRmNzlkMzcwODQxYzg1YzlmZjQ2NTIifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:22 GMT; Max-Age=7200; path=/ session=eyJpdiI6Ino5MXlcL3lhMnZLUFpuT1pJNTdWZVBBPT0iLCJ2YWx1ZSI6IkFmWVJUSUNmSVwvZVd0bVpncTZ0dXI1V3g0c2c3MmcyNEJkU1BPaWRiNG9ianY0RCsxamdad0xNU1wvT0prSnhCYytQVk9qd0J4WXpRVFpXT2h5MVhyR1E9PSIsIm1hYyI6ImU2ZDc0ZGU1OGEwZWI4YzIyMDE5YWU1MzcyMDdiYTYwZGU1MjZkMTdjYmVlMzc5ODRmZTVkZjcyZjczZGQ4MGEifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:22 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6IlRTXC8wN2IwUFVTc1kzOEJzTkxDK1ZnPT0iLCJ2YWx1ZSI6ImVuSXptdVczOFNoQjFUak9TTU1IVzJjdDF2SEhKMndjZWRhOFVkaEZ6V1g0bHZ1eWc1Y1NyUzg2bDJXR0lKckUxVmpWdHB5N3cySmw4YlJoY3YzUzlYVXExcnpKa2NVb09Bd2g3VXQ5bURxWHZDQmtENHVKM282WEZrXC9lakQwSjQ5cHN0S20xZDNRcGpPQUM2eGt2NjJUUTkwanpXY3FtWWVoNEtyQzhkNUs3YndCOHpLRmFqVXRYMlUrR1o1OHgiLCJtYWMiOiI4ODIyMmM4YjBhMjExMmE5ZTZkMjY1ZTYxYTUwMjZkN2ViMzBlOTkyZWE0ZjI1YWQyYjk5OTg3MmRlMDdjZWY3In0%3D; expires=Wed, 29-Jan-2020 16:56:22 GMT; Max-Age=86400; path=/; HttpOnly 6IP66zRmGMtUXHIk3nr7Ad8VA0C5NV0DmEkBK5ef=eyJpdiI6ImlNRitremE2TnRKbmt6N1prR0lDeVE9PSIsInZhbHVlIjoiRnc3TkM5cWxmVCsrTkNLM1M2Kzh3ZWVZU1lVcnlweHdtRnBpMlVmVTFUUUNKbE9nZlpYcW1xZE4xUmZyNnRvelhaSHhFYTE4bHkrd0pUT2F2cTJlTjVWTUFkVFBORVo4c1NqN2g4WVBYOXFiWXFZa04xQW1nUzBWODQ0MFNmbENcL0FtclZWOUFRM0JhTUkzeElyanNXclExdFZtTUpUWll5YW5WVVdXY3FnY28zQXB4R2t6VlgxUFBXQ1FiUmJURjI5OW42K3h6bFlOaEcwa2tHcU1oOHFXQ0NRcjJvQ3FNUWIwKzBsRXMrTlwvcnNkem40ZDhXUmRWeFlGUFc5YkxCdjZyTmN3aTJYU1BaQm5HZDJnQmgxdmQ4Y1h4R1NsMW00OUNXWTZVNlpnbnlFZmFkSFNQM25oZDNvN05vemZNeDlFMSt0NzY2Y04zblZuaHBhZW1xTmU2QkJMa0F4aWxoNURpc0k0dlNFV2EyRWd6T25NWlZPYTdiZVlRMGlXRE9rQ01KZzRqcjBrVGd1NGhtTnN2TXk3K0NOSXZMNDg0RzdwUFMxQXVPbW5xazNUZUtOd2l2c0lyVE0rb3Vya2JtSFdZa3VVYVBcL3Jzd2xrNk5wZWp5Tm5zekxcL0I0R0M5TW04WnFqZWxmaDNibEw3UnV4ZjU1R1BGVktaZ3U2VUhGcWpMRVwvVlwvdEVLRWMrclwvblRpR3V4RzE3VkZhbHZMT1p4RCtcLzdJRmsrNHZJWTRuVkU1WEo3cklrRlVpR0ZibkhJeEZZaE1TZnp4RDFNRFNDbzlieTJ1TVk1aVNWY09KRGh3TUNoREhweTd6WHo1N3lSbVwvd3AxZzdmUUczcDhRQ3VMTUhsU2ZoQjFpWU53VTZFNmpzeGc9PSIsIm1hYyI6ImI4NDhlNjA1N2UzZDcyOThiNjgyMDQzMGY5NTRhY2JjMjE4OTgzZTUyZjY5NDAxNWFmMDc1N2RmMTJhNDRkN2MifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:22 GMT; Max-Age=7200; path=/; HttpOnly
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55c47fd04e8e96c2-FRA

GET
H/1.1 200
OK Cookie set tonv-benl-s Show response
yourdailygift.com/ 123 KB
26 KB 617ms
534ms Document
text/html 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: e1debaba03de52e2667d2d58b6039d31a4fbf7c6c6defa5f10bd2383facd620e

Request headers

Host: yourdailygift.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Server: Apache/2.4.25 (Debian)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkxGbEFIR3UyT1JTWm1DUjZSOFpTdkE9PSIsInZhbHVlIjoiWGd0RDNxN0p6ZTBQeEtiWHNOcXBVMGl4RVlQNTF3dlg1bk0wcHNtREEwcFFxd3JlZTVrUithenBJRE9wN2krWiIsIm1hYyI6IjVkYWI0ZWRmYWQwNmJkYTZjOTFmZjlkZjZmZDUyY2IxZjJmOTA3YzM2ODJiMmMxNjIzNzYyMmM2ZDhjYTVhMTgifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:23 GMT; Max-Age=7200; path=/ cors_session=eyJpdiI6ImJPZDgxNWJBemJFbThBYVwvSFNcL1I1QT09IiwidmFsdWUiOiI4cEhDdmhxeG5wZVwvaDBMTHJNcSsybTVLOGRocUNNNFJVNW1nclwvV0V6WmFSbjFMdUFIMHQ2VCtyTVZJd0ZLWUsiLCJtYWMiOiJiM2YxZjM4OGViZmI5ZTkzM2NiOTI0MGI4MjM4NWE0ZjZjNzQ0Yjc4MjEwMWM2NzJhNzQ5ZjAzODUxOWFhNmIxIn0%3D; expires=Tue, 28-Jan-2020 18:56:23 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25588
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 25ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin: *
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 30ms
13ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK main.min.css
yourdailygift.com/styles/ 6 KB
1 KB 36ms
35ms Stylesheet
text/css 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/styles/main.min.css
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: a796d9ce19cdcef436ca1aeb9d6de43067d87cfadea37096925165d1d3af0fd6

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 14:06:12 GMT
Server: Apache/2.4.25 (Debian)
ETag: "174d-59d33b9f09d00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1125

GET
H/1.1 200
OK main.min.css
yourdailygift.com/templates/supermarket/blocks-v2/styles/ 103 KB
12 KB 91ms
55ms Stylesheet
text/css 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/templates/supermarket/blocks-v2/styles/main.min.css
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: b582377cc59690982fca4f0cefc9f01ecf1e26e5e2f6ccc25a9f8e8f1ace47ab

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 10:35:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "19afa-59d30c7000c7e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11938

GET
H/1.1 200
OK campaign.min.css
yourdailygift.com/campaigns/829/styles/ 40 KB
5 KB 98ms
42ms Stylesheet
text/css 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/campaigns/829/styles/campaign.min.css
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: a57ba50f581da3346d595619a3e5bd978141a9c02910983b4c335aef897cdba9

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "a15a-59d30c6ae8149-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4285

GET
H/1.1 200
OK select2.min.css
yourdailygift.com/vendor/select2/ 15 KB
2 KB 93ms
37ms Stylesheet
text/css 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/vendor/select2/select2.min.css
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 14:13:58 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3b4c-59d33d5c620aa-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2005

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129693020-1

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31bcbd3cc9f873909d7039b3fc2db0d3ddc8ecf6f8180615ac528bddf9cc1cb3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:12:23 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28306
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:23 GMT

GET
H/1.1 200
OK info.png
yourdailygift.com/campaigns/829/images/ 190 B
474 B 96ms
40ms Image
image/png 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourdailygift.com/campaigns/829/images/info.png
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 4a799725b5c11a9f800721bd0b7307adb52e2adce219c69c66c69a0d6327d383

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "be-59d30c6ade509"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 190

GET
H/1.1 200
OK logo_img.png
yourdailygift.com/campaigns/829/images/ 35 KB
36 KB 40ms
40ms Image
image/png 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourdailygift.com/campaigns/829/images/logo_img.png
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: a54221e2eb924d0070ec1e50dbce6dc09b3539fbc165c3e02b2ab79b052d03e5

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "8d78-59d30c6ae12ce"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 36216

GET
H/1.1 200
OK hero-mob.png
yourdailygift.com/campaigns/829/images/ 464 KB
465 KB 48ms
48ms Image
image/png 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourdailygift.com/campaigns/829/images/hero-mob.png
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 4936d9796aec752628cf17d6ac519b0a7ee60dfdf32e2b6e09cf070813704841

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "74119-59d30c6ad96e8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 475417

GET
H/1.1 200
OK hero.png
yourdailygift.com/campaigns/829/images/ 456 KB
456 KB 51ms
51ms Image
image/png 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourdailygift.com/campaigns/829/images/hero.png
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3e12d1472578c5312e1c1bc9a37dadeccd2fb2e50c5ce124b04d73d492673d83

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "71fde-59d30c6adc5c9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 466910

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 19ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Origin: https://yourdailygift.com

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1580230583.dop052.fr8.shc,1580230583.dop052.fr8.t,1580230583.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 23ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Origin: https://yourdailygift.com

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H/1.1 200
OK app.js Show response
yourdailygift.com/js/ 696 KB
181 KB 78ms
78ms Script
application/javascript 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/js/app.js
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0f29f49c0de72d04faa05512929da6a7d8d52a5055d464be5b91a08883f64e35

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 14:13:58 GMT
Server: Apache/2.4.25 (Debian)
ETag: "ae1ac-59d33d5c4b5ff-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H2 200 EHawkTalon.js Show response
djjcyqvteia9v.cloudfront.net/ 43 KB
14 KB 22ms
8ms Script
text/javascript 2600:9000:214f:8400:2:7bf5:a0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:8400:2:7bf5:a0c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, ALLOW-FROM https://www.e-hawk.net/

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:07:34 GMT
content-encoding: gzip
age: 11292529
x-cache: Hit from cloudfront
status: 200
content-length: 13571
last-modified: Wed, 27 Sep 2017 11:06:08 GMT
server: Apache
x-frame-options: SAMEORIGIN, ALLOW-FROM https://www.e-hawk.net/
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: oNpEREh2KEB0kfqV3tKDUsb9UKXLQgwt-Fid_5LDHm0yduJ6l61DOg==

GET
H/1.1 200
OK script.min.js Show response
yourdailygift.com/templates/supermarket/blocks-v2/scripts/ 13 KB
4 KB 46ms
46ms Script
application/javascript 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/templates/supermarket/blocks-v2/scripts/script.min.js
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: d853f374f81c4aac9bb2516911057ef7e32cfeaa3d2276b336051133fa5af8b4

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 10:35:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3265-59d30c6ffcdfd-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3673

GET
H/1.1 200
OK script.min.js Show response
yourdailygift.com/campaigns/829/scripts/ 32 B
328 B 103ms
47ms Script
application/javascript 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/campaigns/829/scripts/script.min.js
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2216f74206505a528bf72e953d676abf439b0b9102c6c675fb02f556a97868ac

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "20-59d30c6ae71a9"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32

GET
H2 200 css
fonts.googleapis.com/ 13 KB
940 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,600|Open+Sans:300,500,600,700

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38363e3031de5208f931105f11b0fcb9f675b436b20ced576d64f339e154f1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:56:23 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:23 GMT

GET
H2 200 hotjar-1189510.js Show response
static.hotjar.com/c/ 3 KB
2 KB 86ms
29ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1189510.js?sv=6

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress1

Software

Resource Hash

72331d3326d88cd08dd8bbf3e6df77e44e0aebda0e96a1636277d97cac297cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 61
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1600
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/7e6785bdf28f2a036051c85960a1fed8
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.072
accept-ranges: bytes
section-io-id: ded26501c2c18c724c32effd6bd2cf43
section-origin-responded: true

GET
H/1.1 200
OK background.jpg
yourdailygift.com/campaigns/829/images/ 53 KB
53 KB 82ms
43ms Image
image/jpeg 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourdailygift.com/campaigns/829/images/background.jpg
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 7fa21cffe9d1da602d6e453f0b8e6a32e921965102d3404822418ace456ce759

Request headers

Referer: https://yourdailygift.com/campaigns/829/styles/campaign.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:00 GMT
Server: Apache/2.4.25 (Debian)
ETag: "d20d-59d30c6ad19e8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 53773

GET
H/1.1 200
OK xrotate-phone.png
yourdailygift.com/templates/supermarket/blocks-v2/images/ 2 KB
2 KB 53ms
52ms Image
image/png 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourdailygift.com/templates/supermarket/blocks-v2/images/xrotate-phone.png
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 8b38a5ede6fe6b57ccc1078dc210eca4d8bff3b17568cec86a6b4f7f5b4b2831

Request headers

Referer: https://yourdailygift.com/templates/supermarket/blocks-v2/styles/main.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 10:35:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "831-59d30c6ff9f1d"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2097

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,400,600|Open+Sans:300,500,600,700
Origin: https://yourdailygift.com

Response headers

date: Thu, 23 Jan 2020 06:13:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 470574
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 06:13:29 GMT

GET
H/1.1 200
OK Oswald-Heavy.woff2
yourdailygift.com/fonts/Oswald-Heavy/ 30 KB
30 KB 77ms
39ms Font
application/octet-stream 185.128.34.116
UNET Unet Network

General

Check archive.org

Show headers Download Go to

Full URL: https://yourdailygift.com/fonts/Oswald-Heavy/Oswald-Heavy.woff2
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.128.34.116 , Netherlands, ASN29396 (UNET Unet Network, The Netherlands, NL),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 33405d243b1d6b59763f933848f7d90ac96b0f820f560ca5f4e37e5dd7bfd261

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://yourdailygift.com/templates/supermarket/blocks-v2/styles/main.min.css
Origin: https://yourdailygift.com

Response headers

Date: Tue, 28 Jan 2020 16:56:23 GMT
Last-Modified: Tue, 28 Jan 2020 14:06:12 GMT
Server: Apache/2.4.25 (Debian)
ETag: "78d0-59d33b9f09d00"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30928

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129693020-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4688
date: Tue, 28 Jan 2020 15:38:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 28 Jan 2020 17:38:15 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
23 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KT9575B&t=gtag_UA_129693020_1&cid=1028062312.1580230584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b1a3dcbaab89acdaa51163b3061065737d20b5f578c6dad425e526870d8fdcb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23659
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:23 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=458729126&t=pageview&_s=1&dl=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D1016...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=1028062312.1580230584&jid=460081253&_gid=1964637068.1580230584&gjid=257104942&_v=j79&z=1011582547

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=1028062312.1580230584&jid=460081253&_gid=1964637068.1580230584&gjid=257104942&_v=j79&z=1011582547

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:23 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jan 2020 16:56:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-129693020-1&cid=1028062312.1580230584&jid=460081253&_gid=1964637068.1580230584&gjid=257104942&_v=j79&z=1011582547
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=458729126&t=event&_s=2&dl=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646&ul=en-us&de=UTF-8&dt=Win&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tonv-benl-s-101698-9343&ea=01.%20home&el=NONE&ev=0&_u=KGBAAUADQ~&jid=&gjid=&cid=1028062312.1580230584&tid=UA-129693020-1&_gid=1964637068.1580230584&gtm=2ou1f1&z=921772325

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 11:08:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 539271
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9ad849c74ae56ab50f63.js Show response
script.hotjar.com/ 401 KB
70 KB 86ms
28ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.9ad849c74ae56ab50f63.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1189510.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash: 5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:23 GMT
content-encoding: br
content-type: application/javascript
age: 8215
status: 200
section-io-cache: Hit
content-length: 71256
last-modified: Tue, 28 Jan 2020 14:35:53 GMT
etag: "1d20895803c0fbc2ae7dc220b20b6a79"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.024
accept-ranges: bytes
section-io-id: e2282706f40b924b3e1198a963a7a902
section-origin-responded: true

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame F6CD 0
0 86ms
29ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1189510.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Response headers

status: 200
date: Tue, 28 Jan 2020 16:56:23 GMT
content-type: text/html
content-length: 808
last-modified: Thu, 23 Jan 2020 16:00:40 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.027
section-origin-responded: true
age: 435074
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 02ec96cbb5a996fc12916e04b03d1eec

GET
H/1.1

302
Found

redirect Show response
g2agiftcard.com/exit-url/
Redirect Chain

https://g2agiftcard.com/nl_be/tr_tonv_benl_s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo

0
-1 B

193ms
146ms

XHR
text/html

139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo

Requested by

Host: yourdailygift.com
URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:24 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Location: https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://yourdailygift.com
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 28 Jan 2020 16:56:24 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Origin: https://yourdailygift.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff

GET
H/1.1

302
Found

GqVMbfnRPQ Show response
right.tracksz.co/click/
Redirect Chain

https://g2agiftcard.com/exit-url/redirect?externalId=NL0kUzols0-5e3067b6e4c61b708d521802&type=geo
https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s

0
-1 B

117ms
116ms

XHR
text/html

139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:24 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Location: https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://yourdailygift.com
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 28 Jan 2020 16:56:24 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Origin: https://yourdailygift.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff

GET

d.php
right.tracksz.co/main/
Redirect Chain

https://right.tracksz.co/click/GqVMbfnRPQ?c3=101698&c4=9343&c5=NL0kUzols0-5e3067b6e4c61b708d521802&c8=nl_BE_tr_tonv_benl_s
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067b918b768671a4233c1%26c3%3D101698%26c4%3D9343%26

0
0

GET
H/1.1

302
Found

redirect Show response
g2agiftcard.com/exit-url/
Redirect Chain

https://g2agiftcard.com/nl_be/tr_tonv_benl_s
https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo

0
-1 B

139ms
138ms

XHR
text/html

139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:25 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Location: https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://yourdailygift.com
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 28 Jan 2020 16:56:25 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Origin: https://yourdailygift.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=458729126&t=event&_s=3&dl=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646&ul=en-us&de=UTF-8&dt=Win&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tonv-benl-s-101698-9343&ea=00.%20load-campaign-error&el=NONE&ev=0&_u=KGBAAUADQ~&jid=&gjid=&cid=1028062312.1580230584&tid=UA-129693020-1&_gid=1964637068.1580230584&gtm=2ou1f1&z=184942651

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 11:08:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 539273
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

GqVMbfnRPQ Show response
right.tracksz.co/click/
Redirect Chain

https://g2agiftcard.com/exit-url/redirect?externalId=49b906cb6b726bd0cfdee3ac4cfa5bb6&type=geo
https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s

0
-1 B

92ms
91ms

XHR
text/html

139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:25 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Location: https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://yourdailygift.com
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 28 Jan 2020 16:56:25 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Origin: https://yourdailygift.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff

GET

d.php
right.tracksz.co/main/
Redirect Chain

https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=49b906cb6b726bd0cfdee3ac4cfa5bb6&c8=nl_BE_tr_tonv_benl_s
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067b987ff17251737e21a%26c3%3DNNACP%26c4%3DNPACN%26

0
0

GET
H2

200

d.php Show response
right.tracksz.co/main/
Redirect Chain

https://g2agiftcard.com/nl_be/tr_tonv_benl_s
https://g2agiftcard.com/exit-url/redirect?externalId=71893db6a952389dac49ef4ed4a16d2a&type=geo
https://right.tracksz.co/click/GqVMbfnRPQ?c3=NNACP&c4=NPACN&c5=71893db6a952389dac49ef4ed4a16d2a&c8=nl_BE_tr_tonv_benl_s
https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067bbba4d1c0df73ef976%26c3%3DNNACP%26c4%3DNPACN%26

205 B
623 B

169ms
169ms

Document
text/html

52.11.114.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067bbba4d1c0df73ef976%26c3%3DNNACP%26c4%3DNPACN%26
Requested by: Host: yourdailygift.com
URL: https://yourdailygift.com/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.11.114.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-114-101.us-west-2.compute.amazonaws.com
Software: nginx/1.11.6 /
Resource Hash: b2f42b31066e9837477a90ad7f1977f4107f1ce2d63311b9be9d78a7f3a7d4ff

Request headers

:method: GET
:authority: right.tracksz.co
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067bbba4d1c0df73ef976%26c3%3DNNACP%26c4%3DNPACN%26
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
accept-encoding: gzip, deflate, br
cookie: AWSALB=J7gGy7LcSSxqDvdaoeQK/Vto9uCHhq9DNnXVzVUGTpK/S74oZC9OqbqJ35N9spNvOn+lVbAwnD92a8/L2gb2r24EuRDVXj3X7hhE9JHy8KS3IjGdxXc6o+vp/H9J; AWSALBCORS=J7gGy7LcSSxqDvdaoeQK/Vto9uCHhq9DNnXVzVUGTpK/S74oZC9OqbqJ35N9spNvOn+lVbAwnD92a8/L2gb2r24EuRDVXj3X7hhE9JHy8KS3IjGdxXc6o+vp/H9J; XSRF-TOKEN=eyJpdiI6IlpcL0o1Vis3RDBYNU4yM1VwWFU5OU13PT0iLCJ2YWx1ZSI6InAzaXoxb083ajRJUHNcL3VNanJSb3dCV0Z3cXhsQjRock01TVBGN1wvWFFobFJNdTZtZ1wvNSttVFZwWm1RNDJXblR4STlETUVZQVwvelR2VGdwXC9ZUnVSVFE9PSIsIm1hYyI6ImIwNDc0MTJlYmZmMWY5NGZmMjFjMTZjNmJiMjhkZmQ3NjQwN2FiNWQ1NjgwNTY0MTQzMWI0NjhhOGI0MThjYWEifQ%3D%3D; session=eyJpdiI6InJ3dEZ1cUlmZ1g5dm9IQXphR3VvSWc9PSIsInZhbHVlIjoiQmpXZlZFQlwvbm1UVkZRM2swZW82OEhjMXVYN3VvYm55TWlObnI3ajI1QzFZQ1pzQWdvbk8wd3VNUTBPTm1kam03VjNteGpTbHYrWlB2MVNtZU9qZkF3PT0iLCJtYWMiOiIxMDAwMDE1ZmU0MDNjNmVhNTc0OGRiMDViZTJiYmJhNTI3MmYyYjVhYTQ2Njk1NTU1MWVjZDdjYjkwODAwZjVlIn0%3D; ept2=eyJpdiI6ImFCM1A0R09kQXhVWnVVTFNiQzNCbEE9PSIsInZhbHVlIjoiZUFQbHVDKzR0ZUw5QnVzNUdReW01d0ZXdDBxcVNVTlh0aDNoaWNEQm5NaWZaKzZ2aTV2NjFjXC92eEVYdGcwb01UYnphWldScEFTVTlDalBJZTdZRkFTSWhiNWJ5aVdBQ2ZJTlNUeDdMYktvVFZTcnBHMnlYS0JwdHBvOTlBR2NMMjJDaHVybjUzTTIrdkZ4OTN2RzlCXC82V3ZhN0NyYjlTTldKdUJJTEt1bkcybStrSzM0MXNoYm9UbWtQSzZmZ1MiLCJtYWMiOiI1MjNiMTZmMTdmYzYzZWQ2YWYwMjVjZTBjZTJjMmZjY2NjYmZkOGMwODk0NGU3NWE3NmRlMWZkZTc4MWU0MTEyIn0%3D; XUdjACNuYfO6zIt53AE3wjbUcZnD7DIOVL8I6JoA=eyJpdiI6IlJxVWExMnY3aXg3b2pHd2NiY2NtVUE9PSIsInZhbHVlIjoiSElwRXljMGFIZDFaZDdUeVZtOFZOekF2KzAwd3BPXC8wdW1ibXNcL0Z2WXNnb3BsS1B1Z0h3bTZcLzFreVcyZXpmbXVSakpNaFR3aENSQUVhUUNIXC9RcVBtTENNcW8zT21MTFgyV2s3OG9UTmtsQnFIaWZlS3BNK1wvMXNFamVLWXRXQXpmOGtSNWo2VUM1dHNONkpwT3ZCTlwvb0dYaDNoNzZra3lNME1Cc3NmUjdkZ3I3cTkwWTBUYzFiRDY3clJcL2lQV0JJWElpOXEzZkRkTUxaQ04zZytnVnVWVDFqQWprTExRN0Z3Y21CSk0zYTdZd3ZudHN0ank0Mzc4SW9ya1FEYkdsbTB1MkNxZ01uSkNETmtJNnlmT3VpRmU0RU52RU96T2gzanN6THZyYXpUQzZaSzIzb3ZyZExWRTltZVl1MzhrZktJcHFDSXlrdzRPXC8yNk9FRVVxdEp2cWxrMVIzOXp0RVg0S2l6K2ZMUTJNNHNcL2FLZUJxQVFpWnUrY3h2THFXV3pVRytjcjJCbHE3MGtLUVBJR3lDdElJSEdwUm1COVVaU2QxeW1FXC9nOVdVOTlndHBBRTZ3aVdSNGZXTkNFeHliVHpRMjUyTmViSlV0bklJVVpRR1k0cndqUTllT1p4RkZVbU1tMWhHOFJQVmNTWG40Q1RzcUcyU2VJUTJ4QXd6TkpnSHpYWFdaTUVzZFpFa0VrQVwvXC85blJjenJaMGZhK3dzNHB6WVprZjdKZ2drZHJmcmtyS1llR0s2RDBYc0FTUHlrQXNsb0ZORkpHYnorK1Mrb1J6a28yWXczUTA4QzF5c01VYmJuQWx2eVdrMHNtSHZSZHVTRUpNVkh1YndLbWpveEprZXRtUnBNcTdnMHlVT0RMWlE9PSIsIm1hYyI6IjQ4ZjQ0N2MwNzJlN2NmNGNhZDQ3YTUzOTVhY2M0YTRmMGQ3OGIwYmFlMGQ2ZWEyY2QxMWJkYmQyNzFkN2NmNGQifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646

Response headers

status: 200
date: Tue, 28 Jan 2020 16:56:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=VUDbkBMWLe0W418dGEIMs8HWAXTgVbxhXLP4pjVtEv569YPJ5B1d0zi3YrlH4uBv2ofuH6o72EhBXrJKjNLfRs7WSs46C3fB4MoFxL6xA/ceXSCIC+B7kf5dVrj2; Expires=Tue, 04 Feb 2020 16:56:27 GMT; Path=/ AWSALBCORS=VUDbkBMWLe0W418dGEIMs8HWAXTgVbxhXLP4pjVtEv569YPJ5B1d0zi3YrlH4uBv2ofuH6o72EhBXrJKjNLfRs7WSs46C3fB4MoFxL6xA/ceXSCIC+B7kf5dVrj2; Expires=Tue, 04 Feb 2020 16:56:27 GMT; Path=/; SameSite=None; Secure
server: nginx/1.11.6
content-encoding: gzip

Redirect headers

status: 302
date: Tue, 28 Jan 2020 16:56:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=J7gGy7LcSSxqDvdaoeQK/Vto9uCHhq9DNnXVzVUGTpK/S74oZC9OqbqJ35N9spNvOn+lVbAwnD92a8/L2gb2r24EuRDVXj3X7hhE9JHy8KS3IjGdxXc6o+vp/H9J; Expires=Tue, 04 Feb 2020 16:56:26 GMT; Path=/ AWSALBCORS=J7gGy7LcSSxqDvdaoeQK/Vto9uCHhq9DNnXVzVUGTpK/S74oZC9OqbqJ35N9spNvOn+lVbAwnD92a8/L2gb2r24EuRDVXj3X7hhE9JHy8KS3IjGdxXc6o+vp/H9J; Expires=Tue, 04 Feb 2020 16:56:26 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6IlpcL0o1Vis3RDBYNU4yM1VwWFU5OU13PT0iLCJ2YWx1ZSI6InAzaXoxb083ajRJUHNcL3VNanJSb3dCV0Z3cXhsQjRock01TVBGN1wvWFFobFJNdTZtZ1wvNSttVFZwWm1RNDJXblR4STlETUVZQVwvelR2VGdwXC9ZUnVSVFE9PSIsIm1hYyI6ImIwNDc0MTJlYmZmMWY5NGZmMjFjMTZjNmJiMjhkZmQ3NjQwN2FiNWQ1NjgwNTY0MTQzMWI0NjhhOGI0MThjYWEifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:27 GMT; Max-Age=7200; path=/ session=eyJpdiI6InJ3dEZ1cUlmZ1g5dm9IQXphR3VvSWc9PSIsInZhbHVlIjoiQmpXZlZFQlwvbm1UVkZRM2swZW82OEhjMXVYN3VvYm55TWlObnI3ajI1QzFZQ1pzQWdvbk8wd3VNUTBPTm1kam03VjNteGpTbHYrWlB2MVNtZU9qZkF3PT0iLCJtYWMiOiIxMDAwMDE1ZmU0MDNjNmVhNTc0OGRiMDViZTJiYmJhNTI3MmYyYjVhYTQ2Njk1NTU1MWVjZDdjYjkwODAwZjVlIn0%3D; expires=Tue, 28-Jan-2020 18:56:27 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6ImFCM1A0R09kQXhVWnVVTFNiQzNCbEE9PSIsInZhbHVlIjoiZUFQbHVDKzR0ZUw5QnVzNUdReW01d0ZXdDBxcVNVTlh0aDNoaWNEQm5NaWZaKzZ2aTV2NjFjXC92eEVYdGcwb01UYnphWldScEFTVTlDalBJZTdZRkFTSWhiNWJ5aVdBQ2ZJTlNUeDdMYktvVFZTcnBHMnlYS0JwdHBvOTlBR2NMMjJDaHVybjUzTTIrdkZ4OTN2RzlCXC82V3ZhN0NyYjlTTldKdUJJTEt1bkcybStrSzM0MXNoYm9UbWtQSzZmZ1MiLCJtYWMiOiI1MjNiMTZmMTdmYzYzZWQ2YWYwMjVjZTBjZTJjMmZjY2NjYmZkOGMwODk0NGU3NWE3NmRlMWZkZTc4MWU0MTEyIn0%3D; expires=Wed, 29-Jan-2020 16:56:27 GMT; Max-Age=86400; path=/; HttpOnly XUdjACNuYfO6zIt53AE3wjbUcZnD7DIOVL8I6JoA=eyJpdiI6IlJxVWExMnY3aXg3b2pHd2NiY2NtVUE9PSIsInZhbHVlIjoiSElwRXljMGFIZDFaZDdUeVZtOFZOekF2KzAwd3BPXC8wdW1ibXNcL0Z2WXNnb3BsS1B1Z0h3bTZcLzFreVcyZXpmbXVSakpNaFR3aENSQUVhUUNIXC9RcVBtTENNcW8zT21MTFgyV2s3OG9UTmtsQnFIaWZlS3BNK1wvMXNFamVLWXRXQXpmOGtSNWo2VUM1dHNONkpwT3ZCTlwvb0dYaDNoNzZra3lNME1Cc3NmUjdkZ3I3cTkwWTBUYzFiRDY3clJcL2lQV0JJWElpOXEzZkRkTUxaQ04zZytnVnVWVDFqQWprTExRN0Z3Y21CSk0zYTdZd3ZudHN0ank0Mzc4SW9ya1FEYkdsbTB1MkNxZ01uSkNETmtJNnlmT3VpRmU0RU52RU96T2gzanN6THZyYXpUQzZaSzIzb3ZyZExWRTltZVl1MzhrZktJcHFDSXlrdzRPXC8yNk9FRVVxdEp2cWxrMVIzOXp0RVg0S2l6K2ZMUTJNNHNcL2FLZUJxQVFpWnUrY3h2THFXV3pVRytjcjJCbHE3MGtLUVBJR3lDdElJSEdwUm1COVVaU2QxeW1FXC9nOVdVOTlndHBBRTZ3aVdSNGZXTkNFeHliVHpRMjUyTmViSlV0bklJVVpRR1k0cndqUTllT1p4RkZVbU1tMWhHOFJQVmNTWG40Q1RzcUcyU2VJUTJ4QXd6TkpnSHpYWFdaTUVzZFpFa0VrQVwvXC85blJjenJaMGZhK3dzNHB6WVprZjdKZ2drZHJmcmtyS1llR0s2RDBYc0FTUHlrQXNsb0ZORkpHYnorK1Mrb1J6a28yWXczUTA4QzF5c01VYmJuQWx2eVdrMHNtSHZSZHVTRUpNVkh1YndLbWpveEprZXRtUnBNcTdnMHlVT0RMWlE9PSIsIm1hYyI6IjQ4ZjQ0N2MwNzJlN2NmNGNhZDQ3YTUzOTVhY2M0YTRmMGQ3OGIwYmFlMGQ2ZWEyY2QxMWJkYmQyNzFkN2NmNGQifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:27 GMT; Max-Age=7200; path=/; HttpOnly
server: nginx/1.11.6
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067bbba4d1c0df73ef976%26c3%3DNNACP%26c4%3DNPACN%26

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=458729126&t=event&_s=4&dl=https%3A%2F%2Fyourdailygift.com%2Ftonv-benl-s%3Fclickid%3DNL0kUzols0-5e3067b6e4c61b708d521802%26networkid%3D101698%26publisher%3D9343%26ept2%3D36be0c77-364f-4d0f-82c4-4dfa86aa2646&ul=en-us&de=UTF-8&dt=Win&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tonv-benl-s-101698-9343&ea=00.%20load-campaign-error&el=NONE&ev=0&_u=KGBAAUADQ~&jid=&gjid=&cid=1028062312.1580230584&tid=UA-129693020-1&_gid=1964637068.1580230584&gtm=2ou1f1&z=874328338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 11:08:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 539274
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

d.php Show response
play.freegamelabs.com/main/
Redirect Chain

https://play.freegamelabs.com/click/v3kCw4bh1k6T4Gpgfk?affid=100135&c1=xp83fWOUdx-5e3067bbba4d1c0df73ef976&c3=NNACP&c4=NPACN&
https://play.freegamelabs.com/main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNAC...

248 B
651 B

168ms
168ms

Document
text/html

52.11.114.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://play.freegamelabs.com/main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.11.114.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-114-101.us-west-2.compute.amazonaws.com
Software: nginx/1.11.6 /
Resource Hash: f62171ce7de2ce94cd4b683b4349ebc3f7684195a40105dcad1ebb9c50fcb6bf

Request headers

:method: GET
:authority: play.freegamelabs.com
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: AWSALB=mKdQqkCgjHWijYOcp2ftQjPRQD4ANy185MtCmAM+2a0YH6x5mUvieELO6SHg/rdPJwrcmdS5aDWakQ2UU9aMjSJC7tdQ5K28Sx4ywsNxbrKWqpuvK2o1Kcb46oO4; AWSALBCORS=mKdQqkCgjHWijYOcp2ftQjPRQD4ANy185MtCmAM+2a0YH6x5mUvieELO6SHg/rdPJwrcmdS5aDWakQ2UU9aMjSJC7tdQ5K28Sx4ywsNxbrKWqpuvK2o1Kcb46oO4; XSRF-TOKEN=eyJpdiI6Inh2cUp4MGVcL2lHTXNZcVhKdEQ5MHNRPT0iLCJ2YWx1ZSI6Ik1SZmVtbW9WUW9hRXVpUkVTakRXV3k1RUNOYlZ0eDQyXC9jRHMxdjdLTXNkUTRVaVQ1Nk9RNU91RGhncldTZzNRTWRDaGxudDRucjRMZE5vZERpTjRjUT09IiwibWFjIjoiODJkOGU2ODRlYjgzZWFlYmE2MTFkZjM2YWFhZTlmNGU3NjZkOGQxNjIyYjEwNjI5OTAxNDE5MmNiYmVhZWJkYyJ9; session=eyJpdiI6ImQ3YldPM2hFWFJlSXk5djlSdHhkRlE9PSIsInZhbHVlIjoiSHFEM2hSYVV3UmVrYmFjc0NcL1hkQkNiTllXU1BNdGdwN3R5NU15VXVSMG1Oc0RJaGlka21hMTN2MURrdVlxK1NZSTJyblBcL0lhS2hzVDY5U1JcLzBWY3c9PSIsIm1hYyI6IjgzMzgzZjM2NmM2ZWI4ZmU0NzA0MzM2NzZiZTliYTc2MGJiZDVjMjMwYWNlZjdmODg3MDEzM2Q4MjZkNDVmODMifQ%3D%3D; ept2=eyJpdiI6Im1LeU5FK0pvMVE1OWJKdzcySU93bFE9PSIsInZhbHVlIjoieFJnU0kxc3hmSG1zeUlNSVZrbXMyRHE0QW0xQW5PQTVWUFFtYk9tSHdZeCszMVhPdmRjOTZLOEJXZVBlSEV3bHBTTVFVdEY0bFpiUHdSb01tTUZ6WGI3SjVwbnN2K1FSeFZTSVwvSVRVUFpQSlFvY3lxcDRlam5aM1pZVFhabGtjTWtsT1dMQ1Zna3RCYkZXc2NIaHRFOW9xY1wvUUYxZ3g2Z2xOdlZFUDNORk04XC9TcllQQWZPVzY0YllMSklLXC9VcCIsIm1hYyI6ImU3NGY0YWQ1ODk4OTY1YWRkNzVjMzUwN2FmNmJjY2JkMjJjNTllYzAwYzBmMTM2NGJlMWQxMzJiNGQ0ZjQ5YTEifQ%3D%3D; 9SsHwXykFwx05k7VpqXBrxHAiYA52G4l2yKV0aW3=eyJpdiI6InVhT21LT1YyNVdYSGw3QTVMcW1jY0E9PSIsInZhbHVlIjoiN3Vlck95Z3U5XC9keGNLdkF4bVdBZ1pxOGtuOU50b0g3N3J2TDZJSlhJZXM1V2FEXC9JWlYzaDF6N0hBdDVvclZzejI5VE1HVTgrQkVISGZpVGJ3YVp4cDNUWjNFTUlUQkk3aU1Td0JZeXRLZ0duUzNCYXZOcCtNamE4eU9ldkU2bVVlVkhVdUlDa0dkdTNTY3hBSmRXam1HSVZTUE5BU2ZJcW1PbGJKdDk4Z0dBMFcrZFBcL1VTbmpWY21pRVVVM282eFRLMjhaOStHWFc4VjdLTmlcL01GMllYT0krT284enlYZnFuVzRzUjlvdUhRbWZEWGhKbWIyMVpVWVpIZXFYTkdSVFhQWkdEcG5IR2xOU1JBWmVsWEs2amJqWG1DSFhiOXZZNTJqUU1lXC9HTys5Tm1jNXJrc3hEM1RxSHJOcG9DT3hFZVwvVG1nXC91RlZnbGhsVWJuZEhub1VtdnFCcG1sdlwvNXF2eWd4d1JSYXptSUM5UFwvNnE0dW4zUXVaXC9ldXVvSG5oMWtXYlM3aW9CUXRHaEZadmVxUGF0K0NzVUNuVWM2Q1dJN3NIYTAzZ2lqVjNCT0M5MVk5UVRYclwvdjJ5STByNnF1WTQ3cmNDdE12Szh0blBsN204YlBxMGx1MWk2NXFtRHNNcWVwYlRkK2EzNTkxNk51SWxFcWlpYk9aaDRPSXFidkYydU9uS0pXXC9YUzJTXC9LRm5hd0M2dVwvd1pcL0VGUEZqbUV4YVRMcGxva0kwbUhHVVRPXC9rMHZjbkRPWVNoZXdjWktmdEMyU2F4Q2hOTlJXRngySUcyTmo0cCtNTm5jRVFUT1FNNzBtTlRFSzJXUGRQcWdyTVRPVlc0SUNYeVo1cjJCS0VNTkJaOHFaUWQ2MDU2c05RPT0iLCJtYWMiOiIwNGY3NzA0MTc0NjJlYWY5YjcwMTk4ZDdmNWRkMDg3YTY3ZGI2NDgzYjFjNmQ3MGE5MTRhMTI3MTdjODM2MjVlIn0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jan 2020 16:56:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=D4Sq7PpXUohlZlofc7SgDcajd4CSKfMtwtua+eBu94e/OUj7IUGKZ8ClG6NTHUPWt/Inu/7mXuS7m3aM9uFPHSS4qyxOiGlb4lcJWF+WIqeWcm3My0WDC97c9MnA; Expires=Tue, 04 Feb 2020 16:56:28 GMT; Path=/ AWSALBCORS=D4Sq7PpXUohlZlofc7SgDcajd4CSKfMtwtua+eBu94e/OUj7IUGKZ8ClG6NTHUPWt/Inu/7mXuS7m3aM9uFPHSS4qyxOiGlb4lcJWF+WIqeWcm3My0WDC97c9MnA; Expires=Tue, 04 Feb 2020 16:56:28 GMT; Path=/; SameSite=None; Secure
server: nginx/1.11.6
content-encoding: gzip

Redirect headers

status: 302
date: Tue, 28 Jan 2020 16:56:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=mKdQqkCgjHWijYOcp2ftQjPRQD4ANy185MtCmAM+2a0YH6x5mUvieELO6SHg/rdPJwrcmdS5aDWakQ2UU9aMjSJC7tdQ5K28Sx4ywsNxbrKWqpuvK2o1Kcb46oO4; Expires=Tue, 04 Feb 2020 16:56:27 GMT; Path=/ AWSALBCORS=mKdQqkCgjHWijYOcp2ftQjPRQD4ANy185MtCmAM+2a0YH6x5mUvieELO6SHg/rdPJwrcmdS5aDWakQ2UU9aMjSJC7tdQ5K28Sx4ywsNxbrKWqpuvK2o1Kcb46oO4; Expires=Tue, 04 Feb 2020 16:56:27 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6Inh2cUp4MGVcL2lHTXNZcVhKdEQ5MHNRPT0iLCJ2YWx1ZSI6Ik1SZmVtbW9WUW9hRXVpUkVTakRXV3k1RUNOYlZ0eDQyXC9jRHMxdjdLTXNkUTRVaVQ1Nk9RNU91RGhncldTZzNRTWRDaGxudDRucjRMZE5vZERpTjRjUT09IiwibWFjIjoiODJkOGU2ODRlYjgzZWFlYmE2MTFkZjM2YWFhZTlmNGU3NjZkOGQxNjIyYjEwNjI5OTAxNDE5MmNiYmVhZWJkYyJ9; expires=Tue, 28-Jan-2020 18:56:28 GMT; Max-Age=7200; path=/ session=eyJpdiI6ImQ3YldPM2hFWFJlSXk5djlSdHhkRlE9PSIsInZhbHVlIjoiSHFEM2hSYVV3UmVrYmFjc0NcL1hkQkNiTllXU1BNdGdwN3R5NU15VXVSMG1Oc0RJaGlka21hMTN2MURrdVlxK1NZSTJyblBcL0lhS2hzVDY5U1JcLzBWY3c9PSIsIm1hYyI6IjgzMzgzZjM2NmM2ZWI4ZmU0NzA0MzM2NzZiZTliYTc2MGJiZDVjMjMwYWNlZjdmODg3MDEzM2Q4MjZkNDVmODMifQ%3D%3D; expires=Tue, 28-Jan-2020 18:56:28 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6Im1LeU5FK0pvMVE1OWJKdzcySU93bFE9PSIsInZhbHVlIjoieFJnU0kxc3hmSG1zeUlNSVZrbXMyRHE0QW0xQW5PQTVWUFFtYk9tSHdZeCszMVhPdmRjOTZLOEJXZVBlSEV3bHBTTVFVdEY0bFpiUHdSb01tTUZ6WGI3SjVwbnN2K1FSeFZTSVwvSVRVUFpQSlFvY3lxcDRlam5aM1pZVFhabGtjTWtsT1dMQ1Zna3RCYkZXc2NIaHRFOW9xY1wvUUYxZ3g2Z2xOdlZFUDNORk04XC9TcllQQWZPVzY0YllMSklLXC9VcCIsIm1hYyI6ImU3NGY0YWQ1ODk4OTY1YWRkNzVjMzUwN2FmNmJjY2JkMjJjNTllYzAwYzBmMTM2NGJlMWQxMzJiNGQ0ZjQ5YTEifQ%3D%3D; expires=Wed, 29-Jan-2020 16:56:28 GMT; Max-Age=86400; path=/; HttpOnly 9SsHwXykFwx05k7VpqXBrxHAiYA52G4l2yKV0aW3=eyJpdiI6InVhT21LT1YyNVdYSGw3QTVMcW1jY0E9PSIsInZhbHVlIjoiN3Vlck95Z3U5XC9keGNLdkF4bVdBZ1pxOGtuOU50b0g3N3J2TDZJSlhJZXM1V2FEXC9JWlYzaDF6N0hBdDVvclZzejI5VE1HVTgrQkVISGZpVGJ3YVp4cDNUWjNFTUlUQkk3aU1Td0JZeXRLZ0duUzNCYXZOcCtNamE4eU9ldkU2bVVlVkhVdUlDa0dkdTNTY3hBSmRXam1HSVZTUE5BU2ZJcW1PbGJKdDk4Z0dBMFcrZFBcL1VTbmpWY21pRVVVM282eFRLMjhaOStHWFc4VjdLTmlcL01GMllYT0krT284enlYZnFuVzRzUjlvdUhRbWZEWGhKbWIyMVpVWVpIZXFYTkdSVFhQWkdEcG5IR2xOU1JBWmVsWEs2amJqWG1DSFhiOXZZNTJqUU1lXC9HTys5Tm1jNXJrc3hEM1RxSHJOcG9DT3hFZVwvVG1nXC91RlZnbGhsVWJuZEhub1VtdnFCcG1sdlwvNXF2eWd4d1JSYXptSUM5UFwvNnE0dW4zUXVaXC9ldXVvSG5oMWtXYlM3aW9CUXRHaEZadmVxUGF0K0NzVUNuVWM2Q1dJN3NIYTAzZ2lqVjNCT0M5MVk5UVRYclwvdjJ5STByNnF1WTQ3cmNDdE12Szh0blBsN204YlBxMGx1MWk2NXFtRHNNcWVwYlRkK2EzNTkxNk51SWxFcWlpYk9aaDRPSXFidkYydU9uS0pXXC9YUzJTXC9LRm5hd0M2dVwvd1pcL0VGUEZqbUV4YVRMcGxva0kwbUhHVVRPXC9rMHZjbkRPWVNoZXdjWktmdEMyU2F4Q2hOTlJXRngySUcyTmo0cCtNTm5jRVFUT1FNNzBtTlRFSzJXUGRQcWdyTVRPVlc0SUNYeVo1cjJCS0VNTkJaOHFaUWQ2MDU2c05RPT0iLCJtYWMiOiIwNGY3NzA0MTc0NjJlYWY5YjcwMTk4ZDdmNWRkMDg3YTY3ZGI2NDgzYjFjNmQ3MGE5MTRhMTI3MTdjODM2MjVlIn0%3D; expires=Tue, 28-Jan-2020 18:56:28 GMT; Max-Age=7200; path=/; HttpOnly
server: nginx/1.11.6
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f

GET
H/1.1 200
OK Primary Request Cookie set tr_myphonexsnopre Show response
g2aweeklysale.com/en_uk/ 134 KB
25 KB 237ms
174ms Document
text/html 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

06919e4b0900dbd665ee2bc94262a9560819222b9745acdb7d793d3e55916883

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: g2aweeklysale.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server: nginx
Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: _csrf-frontend=bafc0f4401aac458ef3c1e7006c75e557ab7f284932f044c10a4ff3ee0bf4ba2a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22-BwAXPkxmKgSiBKQr7yq_VbIjvIWJN-D%22%3B%7D; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Encoding: gzip

GET
H/1.1 200
OK common.css
g2aweeklysale.com/bundles/ 2 KB
1 KB 72ms
71ms Stylesheet
text/css 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/common.css?v=1579697307

Requested by

Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:48:27 GMT
Server: nginx
ETag: W/"5e28449b-72b"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flamingo_main_style.css
g2aweeklysale.com/bundles/ 118 KB
27 KB 134ms
91ms Stylesheet
text/css 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/flamingo_main_style.css?v=1579697338

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a6888640a743121a545a43d8c95ba418fe79f09c08086d7e2b35db51efad76c9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:48:58 GMT
Server: nginx
ETag: W/"5e2844ba-1d925"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flamingo_layout_layout-4steps.css
g2aweeklysale.com/bundles/ 39 KB
7 KB 131ms
85ms Stylesheet
text/css 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/flamingo_layout_layout-4steps.css?v=1579697339

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a6b03a9843d01dab19b4a2cb72198e72de48c05002bf0f7492babf2a3ace85c1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:48:59 GMT
Server: nginx
ETag: W/"5e2844bb-9db3"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flamingo_color_purpur.css
g2aweeklysale.com/bundles/ 12 KB
2 KB 116ms
70ms Stylesheet
text/css 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/flamingo_color_purpur.css?v=1579697340

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

10af6ce0f2dc087cbb173fbdf6ea8aef90686a1228f91a6732e78a9b5e817614

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:49:00 GMT
Server: nginx
ETag: W/"5e2844bc-2fb5"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flamingo_brand_samsung-s9-uk.css
g2aweeklysale.com/bundles/ 7 KB
2 KB 123ms
72ms Stylesheet
text/css 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1579697342

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

69c3800f465a87971550255d714c5ea6d6f28128ae4bd7c580e418781c6c36f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:49:02 GMT
Server: nginx
ETag: W/"5e2844be-1c38"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flamingo_extra_empty.css
g2aweeklysale.com/bundles/ 0
389 B 121ms
70ms Stylesheet
text/css 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/flamingo_extra_empty.css?v=1579697350

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:49:10 GMT
Server: nginx
ETag: "5e2844c6-0"
Content-Type: text/css
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2_b5fe12b698a1d5c0fc31671c298d5a86.png
g2aweeklysale.com/uploads/landings/8582/main/ 261 KB
261 KB 88ms
88ms Image
image/png 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g2aweeklysale.com/uploads/landings/8582/main/2_b5fe12b698a1d5c0fc31671c298d5a86.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

03c92844ae99eb50dfa1d4d55a26e7e0f598ed58abe95aa4b096954ee773355d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 21 Jan 2019 10:24:22 GMT
Server: nginx
ETag: "5c459dd6-4134f"
Content-Type: image/png
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Accept-Ranges: bytes
Content-Length: 267087
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 3_c8fca2054d5024f10411ea0b17dbb79e.jpg
g2aweeklysale.com/uploads/landings/8582/main/ 136 KB
136 KB 74ms
74ms Image
image/jpeg 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g2aweeklysale.com/uploads/landings/8582/main/3_c8fca2054d5024f10411ea0b17dbb79e.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

82316bdd6826499d67dd7aa90acfc22bdd256dd5304b6ef1b60d83c6d7004a0e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 21 Jan 2019 10:24:22 GMT
Server: nginx
ETag: "5c459dd6-21ec9"
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Accept-Ranges: bytes
Content-Length: 138953
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 4_3626a44cdcc1727867ede99dc0bd920a.svg
g2aweeklysale.com/uploads/landings/8582/main/ 2 KB
1 KB 78ms
77ms Image
image/svg+xml 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2aweeklysale.com/uploads/landings/8582/main/4_3626a44cdcc1727867ede99dc0bd920a.svg
Requested by: Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Jan 2019 10:24:47 GMT
Server: nginx
ETag: W/"5c459def-7c3"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Expires: Tue, 04 Feb 2020 16:56:28 GMT

GET
H/1.1 200
OK 5_81eabdb7d70e87e9c8922ee54fe608ad.svg
g2aweeklysale.com/uploads/landings/8582/main/ 662 B
717 B 63ms
63ms Image
image/svg+xml 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2aweeklysale.com/uploads/landings/8582/main/5_81eabdb7d70e87e9c8922ee54fe608ad.svg
Requested by: Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Jan 2019 10:24:47 GMT
Server: nginx
ETag: W/"5c459def-296"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Expires: Tue, 04 Feb 2020 16:56:28 GMT

GET
H/1.1 200
OK 6_b62296920055904f4785d97394b4de91.svg
g2aweeklysale.com/uploads/landings/8582/main/ 773 B
793 B 68ms
68ms Image
image/svg+xml 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2aweeklysale.com/uploads/landings/8582/main/6_b62296920055904f4785d97394b4de91.svg
Requested by: Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Jan 2019 10:24:47 GMT
Server: nginx
ETag: W/"5c459def-305"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Expires: Tue, 04 Feb 2020 16:56:28 GMT

GET
H2 200 EHawkTalon.js Show response
djjcyqvteia9v.cloudfront.net/ 43 KB
14 KB 8ms
5ms Script
text/javascript 2600:9000:214f:8400:2:7bf5:a0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:8400:2:7bf5:a0c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, ALLOW-FROM https://www.e-hawk.net/

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:07:34 GMT
content-encoding: gzip
age: 11292534
x-cache: Hit from cloudfront
status: 200
content-length: 13571
last-modified: Wed, 27 Sep 2017 11:06:08 GMT
server: Apache
x-frame-options: SAMEORIGIN, ALLOW-FROM https://www.e-hawk.net/
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: prdAdMEHpR9cWypNI_Qckj9sgN8G2i8PTW17HnVtTBoQ2S-OmMbSwQ==

GET
H2 200 5caf02536774b.png
cdn.cloudcnt.com/uploads/entityLogos/ 3 KB
4 KB 25ms
6ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/uploads/entityLogos/5caf02536774b.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81536
x-cache: Hit from cloudfront
status: 200
content-length: 3423
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Apr 2019 09:01:07 GMT
server: nginx
date: Mon, 27 Jan 2020 18:17:32 GMT
content-type: image/png
etag: "5caf0253-d5f"
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: NdNR7qbLr5-VEeAvF0H70sGAdKhB_Ww_FTDOUxu-hmFVTR8bLQxN-Q==

GET
H/1.1 200
OK common.js Show response
g2aweeklysale.com/bundles/ 419 KB
119 KB 70ms
67ms Script
application/javascript 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/bundles/common.js?v=1579697306

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

85db3449de25ea36d3baa5f014f907dca7b5925cfb341e074b5d73eea8d38e2e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:48:26 GMT
Server: nginx
ETag: W/"5e28449a-68b57"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Form.js Show response
g2aweeklysale.com/assets/2ccf526a/js/ 9 KB
2 KB 68ms
66ms Script
application/javascript 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/assets/2ccf526a/js/Form.js?v=1579697380

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7090c8ce3dc1702e3f2c0408de14f7a8f677586187b7b41d46826d157de36b82

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:49:40 GMT
Server: nginx
ETag: W/"5e2844e4-2275"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK scripts.js Show response
g2aweeklysale.com/assets/584505b6/js/ 2 KB
1 KB 69ms
68ms Script
application/javascript 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/assets/584505b6/js/scripts.js?v=1579697383

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:49:43 GMT
Server: nginx
ETag: W/"5e2844e7-7d2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 12 KB
849 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69027204f18bef3a3126cad6b61a5a480f8c3f1b7cf29b5739df72a18039b1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:56:28 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
584 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700,800,900&subset=latin-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54de54b8aaf9245d016bf0adb5cf807195b6c883648f313e197a753f9f723410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:56:28 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 34 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bc145d0975da5e2963e8398c481060bb79c97fc25bf7e501f46e7750a500d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:56:28 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 432 B
332 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Indie+Flower

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60be40bf02cb3a188131b1b23820333b0d6e1bd386f89924c91dcf79ef6e15fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:56:28 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:28 GMT

GET
H2 200 hotjar-1166273.js Show response
static.hotjar.com/c/ 3 KB
2 KB 33ms
32ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1166273.js?sv=5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress1

Software

Resource Hash

d41b2bc68aa10c4d3abef1aa9dbfa1a2937e96092d51d178578dcbfc140a1610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 133
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1586
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/4e934b47c57e2751a34eeec5f3044859
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.088
accept-ranges: bytes
section-io-id: 5512d0d6f07bce35039254b6467ff192
section-origin-responded: true

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 65 B
715 B 513ms
155ms Script
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&callback=adScoreCORS&cb=0.1350094544530236&pid=1000432&&tid=100135&l1=UK&l2=NNACP&l3=tr_myphonexsnopre&pub_domain=g2aweeklysale.com
Requested by: Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6b2ee4913b17657576bb1390520e292b6c373289a44a381d62daf18bab312fdb

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 16:56:29 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 65

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4693
date: Tue, 28 Jan 2020 15:38:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 28 Jan 2020 17:38:15 GMT

GET
H/1.1 200
OK 1_57d8400944fb679b40ad2f462d101e88.jpg
g2aweeklysale.com/uploads/landings/8582/main/ 621 KB
622 KB 69ms
68ms Image
image/jpeg 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g2aweeklysale.com/uploads/landings/8582/main/1_57d8400944fb679b40ad2f462d101e88.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4ed67c754980cf1396d83b28a841f8129a7115a601e1b46832237a42e23e230f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 21 Jan 2019 10:24:22 GMT
Server: nginx
ETag: "5c459dd6-9b5a1"
Content-Type: image/jpeg
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Accept-Ranges: bytes
Content-Length: 636321
X-XSS-Protection: 1; mode=block

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Origin: https://g2aweeklysale.com

Response headers

date: Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 5874181
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:13:27 GMT

GET
H/1.1 200
OK lock_grey.png
g2aweeklysale.com/bundles/584505b6/images/ 2 KB
3 KB 95ms
62ms Image
image/png 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g2aweeklysale.com/bundles/584505b6/images/lock_grey.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e507babf987b47de747a47fb3bd2d3ed3438528784241632f8fc776e290e15eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/bundles/flamingo_layout_layout-4steps.css?v=1579697339
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:28 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:48:00 GMT
Server: nginx
ETag: "5e284480-898"
Content-Type: image/png
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Accept-Ranges: bytes
Content-Length: 2200
X-XSS-Protection: 1; mode=block

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Origin: https://g2aweeklysale.com

Response headers

date: Wed, 22 Jan 2020 09:58:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 543477
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9192
x-xss-protection: 0
expires: Thu, 21 Jan 2021 09:58:31 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Origin: https://g2aweeklysale.com

Response headers

date: Fri, 10 Jan 2020 02:29:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1607189
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Sat, 09 Jan 2021 02:29:59 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: djjcyqvteia9v.cloudfront.net
URL: https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Origin: https://g2aweeklysale.com

Response headers

date: Thu, 23 Jan 2020 06:13:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 470579
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 06:13:29 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin: https://g2aweeklysale.com

Response headers

date: Thu, 23 Jan 2020 06:30:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 469578
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Fri, 22 Jan 2021 06:30:10 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin: https://g2aweeklysale.com

Response headers

date: Thu, 23 Jan 2020 10:26:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 455426
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:26:02 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 168 KB
32 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NMNT8LS&cid=1783207207.1580230589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ea1118be5ec27c0020d3323530eb40324ddd278c8a1bcf85e116690191e3d5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:28 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 32533
x-xss-protection: 0
expires: Tue, 28 Jan 2020 16:56:28 GMT

GET
H2 200 modules.9ad849c74ae56ab50f63.js Show response
script.hotjar.com/ 401 KB
70 KB 28ms
28ms Script
application/javascript 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.9ad849c74ae56ab50f63.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1166273.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash: 5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 16:56:28 GMT
content-encoding: br
content-type: application/javascript
age: 8220
status: 200
section-io-cache: Hit
content-length: 71256
last-modified: Tue, 28 Jan 2020 14:35:53 GMT
etag: "1d20895803c0fbc2ae7dc220b20b6a79"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.025
accept-ranges: bytes
section-io-id: fa2fc2c9023897d2162f41d3768bed4f
section-origin-responded: true

GET
H/1.1 200
OK valid.png
g2aweeklysale.com/bundles/584505b6/images/ 3 KB
4 KB 68ms
68ms Image
image/png 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g2aweeklysale.com/bundles/584505b6/images/valid.png

Requested by

Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/bundles/common.js?v=1579697306

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

219be728c7e01deabaf9c0391fcd6b511002585c3f04b55d8fb431eeea3d680a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/bundles/flamingo_main_style.css?v=1579697338
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 22 Jan 2020 12:48:00 GMT
Server: nginx
ETag: "5e284480-d7d"
Content-Type: image/png
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Accept-Ranges: bytes
Content-Length: 3453
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sponsor Show response
g2aweeklysale.com/ 48 KB
12 KB 242ms
241ms XHR
application/json 139.59.199.9
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g2aweeklysale.com/sponsor?externalId=qO03UO8yhK-5e3067bbbe680663795f14e6

Requested by

Host: g2aweeklysale.com
URL: https://g2aweeklysale.com/bundles/common.js?v=1579697306

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

139.59.199.9 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

45dd6cdfd70864469a00344d268ee6047193b0eb0c425b859b2b694f61db1b6d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 16:56:29 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection: 1; mode=block

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=249230177&t=pageview&_s=1&dl=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111639877-1&cid=1783207207.1580230589&jid=916958542&_gid=1409428581.1580230589&gjid=257804098&_v=j79&z=470877555

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111639877-1&cid=1783207207.1580230589&jid=916958542&_gid=1409428581.1580230589&gjid=257804098&_v=j79&z=470877555

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 28 Jan 2020 16:56:29 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jan 2020 16:56:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111639877-1&cid=1783207207.1580230589&jid=916958542&_gid=1409428581.1580230589&gjid=257804098&_v=j79&z=470877555
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=249230177&t=event&_s=2&dl=https%3A%2F%2Fg2aweeklysale.com%2Fen_uk%2Ftr_myphonexsnopre%3Fclickid%3DqO03UO8yhK-5e3067bbbe680663795f14e6%26networkid%3D100135%26publisher%3DNNACP%26ept2%3Dec88e321-03af-4a1e-ae37-8ff5fb7cce8f&ul=en-us&de=UTF-8&dt=Win%20now!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=tr_myphonexsnopre.100135.NNACP&ea=01.%20home&_u=aGBAAEADQ~&jid=&gjid=&cid=1783207207.1580230589&tid=UA-111639877-1&_gid=1409428581.1580230589&z=341305314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 11:08:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 539277
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame E5F3 0
0 30ms
30ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1166273.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f

Response headers

status: 200
date: Tue, 28 Jan 2020 16:56:29 GMT
content-type: text/html
content-length: 808
last-modified: Thu, 23 Jan 2020 16:00:40 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.120
section-origin-responded: true
age: 435021
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: c27170bf61bb3313ba9730d6c5d4ab4e

GET
H2 200 5b72c8e1db122.jpg
cdn.cloudcnt.com/content/image/ 12 KB
13 KB 23ms
23ms Image
image/jpeg 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b72c8e1db122.jpg?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16dda333f26bb21b43622ff1ce9d270d45af9bb5ded089f8cd5020eb0c4b183c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 27 Jan 2020 21:48:54 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 68855
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rxa2Ukemys5dkdxU8UArFRh9TrSoUAhSkwMJX9cfF2ea1laVOX3tEw==
x-content-type-options: nosniff

GET
H2 200 5b753b0f22993.jpg
cdn.cloudcnt.com/content/image/ 11 KB
12 KB 11ms
10ms Image
image/jpeg 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b753b0f22993.jpg?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 13:16:19 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 186010
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: s59AuoOOI63Izi0AILQnnZevd0fl2DZw8gckS2BpQ8DjubwVCPrAgQ==
x-content-type-options: nosniff

GET
H2 200 5b76affe818db.jpeg
cdn.cloudcnt.com/content/image/ 72 KB
73 KB 25ms
23ms Image
image/jpeg 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b76affe818db.jpeg?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5dabdb8c1dca6e015b6a4b694340e745fb29f3f5ba4c85874b341f3df2d66d39

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 13:45:26 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 184263
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 1heHxW4phA1eNlmi8mWdC6KqUnBLPHqTYddEB8UG2347-olFYUQ_mQ==
x-content-type-options: nosniff

GET
H2 200 5b86bc0991864.png
cdn.cloudcnt.com/content/image/ 12 KB
13 KB 25ms
24ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b86bc0991864.png?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9c2a3e606436439e62af199ee7625053a5c95682f0aa58c71e7a101e44cb8d43

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 27 Jan 2020 22:56:10 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 64819
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: urJaiw7amhCQ322fwKwSKfVwO0nzcvBcjHylgLb1cTttveffdRXRlw==
x-content-type-options: nosniff

GET
H2 200 5d41964fdc724.png
cdn.cloudcnt.com/content/image/ 18 KB
18 KB 13ms
12ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d41964fdc724.png?size=500

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fbe60ca37dc128f1c6191be42c0e9595d1e805d3d4f52841872b7b4db6522b75

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 10:09:33 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 24416
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: sacDg8ZRuTt_8suxBy_gjA-TJzie6x6KIT-Ls9b7QfdweI3HWtZC5g==
x-content-type-options: nosniff

GET
H2 200 5e2eb09f03f12.png
cdn.cloudcnt.com/content/image/ 53 KB
53 KB 18ms
17ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e2eb09f03f12.png?size=500

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

72cea0816ef20831085b24bb26e7f58f499db323bd3948e077b65a7c06492c82

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 27 Jan 2020 09:42:55 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 112414
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: aHOF8Zq98RW9qFGn2y86h7QNEaohutuKZBrDY-AuTCN2U_j4Uhatmw==
x-content-type-options: nosniff

GET
H2 200 5c1cbc6169c1f.png
cdn.cloudcnt.com/content/image/ 7 KB
7 KB 15ms
14ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c1cbc6169c1f.png?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dfd1e721134e0b5b60406e0db3b4daa027843863a65cac8099ccec3e9c1ca91f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 13:16:19 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 186010
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Jls7WWUBGa8yah9WWyRoG7qAcMhuauSQpV4vpN9P-0m_p_rgCMu-iA==
x-content-type-options: nosniff

GET
H2 200 5cfa722f14649.png
cdn.cloudcnt.com/content/image/ 3 KB
4 KB 21ms
21ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5cfa722f14649.png?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

77c7aef16240ff874d9a3437a30b1498186f10d53bd6d225577dbc854362f49d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 13:14:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 186097
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: jdpw5jd6Rdft2MKQquLzCOoalNXkRrtxM8EPBfmBSld0kgAGSHPBBw==
x-content-type-options: nosniff

GET
H2 200 5dc2c429858f9.jpg
cdn.cloudcnt.com/content/image/ 16 KB
16 KB 22ms
21ms Image
image/jpeg 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5dc2c429858f9.jpg?size=500

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d43d1ad622f3d01290b2f28aec6c01ccb8ff708c6f76cb7156223702a8d049c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 13:53:50 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 10959
x-cache: Hit from cloudfront
content-type: image/JPEG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: vFYoLprQTFMNR_wD2T9YWaLmZYKPQJWt5wCA7IRX9TIBe4_qyaF55g==
x-content-type-options: nosniff

GET
H2 200 5d8dd415ec4fa.png
cdn.cloudcnt.com/content/image/ 8 KB
8 KB 15ms
15ms Image
image/png 2600:9000:214f:5c00:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d8dd415ec4fa.png?size=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:5c00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

40f3519b1a58b00e2711ec5df1196f68e6f57935f130e5e90ccbf9e371353eca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g2aweeklysale.com/en_uk/tr_myphonexsnopre?clickid=qO03UO8yhK-5e3067bbbe680663795f14e6&networkid=100135&publisher=NNACP&ept2=ec88e321-03af-4a1e-ae37-8ff5fb7cce8f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 13:16:19 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 186010
x-cache: Hit from cloudfront
content-type: image/PNG
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=259200
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: tI5e-c5VV874HskFtMPA-vgQdyPUTfk4kR6cvkcR3TfgG7duDQoMGA==
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: right.tracksz.co
URL: https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067b918b768671a4233c1%26c3%3D101698%26c4%3D9343%26

Domain: right.tracksz.co
URL: https://right.tracksz.co/main/d.php?s=1&link=https%3A%2F%2Fplay.freegamelabs.com%2Fclick%2Fv3kCw4bh1k6T4Gpgfk%3Faffid%3D100135%26c1%3Dxp83fWOUdx-5e3067b987ff17251737e21a%26c3%3DNNACP%26c4%3DNPACN%26

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.g2aweeklysale.com/	1970-01-19 06:57:10	Name: _gat Value: 1
.g2aweeklysale.com/	1970-01-19 15:29:48	Name: _hjid Value: 7bfccad6-c397-456d-b330-9ac3a102e688
.g2aweeklysale.com/	1970-01-19 06:58:36	Name: _gid Value: GA1.2.1409428581.1580230589
.g2aweeklysale.com/	1970-01-20 00:28:22	Name: _ga Value: GA1.2.1783207207.1580230589
g2aweeklysale.com/	1969-12-31 23:59:59	Name: _csrf-frontend Value: bafc0f4401aac458ef3c1e7006c75e557ab7f284932f044c10a4ff3ee0bf4ba2a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22-BwAXPkxmKgSiBKQr7yq_VbIjvIWJN-D%22%3B%7D
g2aweeklysale.com/en_uk	1970-01-22 22:37:33	Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d Value: %7B%22v%22%3A%225.5%22%2C%22a%22%3A3142211985%2C%22b%22%3A%22a0eaa3abb3e4022113d769823efcf2eb%22%2C%22c%22%3A1580230589344%2C%22d%22%3A%22aad91aff04c4fbb6d179c219e207607b%22%2C%22e%22%3A%22%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://yourdailygift.com/tonv-benl-s?clickid=NL0kUzols0-5e3067b6e4c61b708d521802&networkid=101698&publisher=9343&ept2=36be0c77-364f-4d0f-82c4-4dfa86aa2646(Line 92) Message: tonv-benl-s-101698-9343
console-api	log	URL: https://yourdailygift.com/campaigns/829/scripts/script.min.js(Line 1) Message: just a test line

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

achraflz3er.dynu.net
cdn.cloudcnt.com
click.trlxcf01.com
code.jquery.com
data.ad-score.com
djjcyqvteia9v.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
g2agiftcard.com
g2aweeklysale.com
maxcdn.bootstrapcdn.com
play.freegamelabs.com
right.tracksz.co
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.coverbits.com
www.google-analytics.com
www.googletagmanager.com
yourdailygift.com
right.tracksz.co
130.211.115.4
139.59.199.9
147.75.102.13
169.61.31.226
185.128.34.116
188.213.174.74
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3a
2600:9000:214f:5c00:b:413c:b700:93a1
2600:9000:214f:8400:2:7bf5:a0c0:21
2606:4700:3035::6812:32dc
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:818::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c06::9d
52.11.114.101
03c92844ae99eb50dfa1d4d55a26e7e0f598ed58abe95aa4b096954ee773355d
06919e4b0900dbd665ee2bc94262a9560819222b9745acdb7d793d3e55916883
0f29f49c0de72d04faa05512929da6a7d8d52a5055d464be5b91a08883f64e35
10af6ce0f2dc087cbb173fbdf6ea8aef90686a1228f91a6732e78a9b5e817614
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16dda333f26bb21b43622ff1ce9d270d45af9bb5ded089f8cd5020eb0c4b183c
1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f
219be728c7e01deabaf9c0391fcd6b511002585c3f04b55d8fb431eeea3d680a
2216f74206505a528bf72e953d676abf439b0b9102c6c675fb02f556a97868ac
2bc145d0975da5e2963e8398c481060bb79c97fc25bf7e501f46e7750a500d64
31bcbd3cc9f873909d7039b3fc2db0d3ddc8ecf6f8180615ac528bddf9cc1cb3
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
33405d243b1d6b59763f933848f7d90ac96b0f820f560ca5f4e37e5dd7bfd261
38363e3031de5208f931105f11b0fcb9f675b436b20ced576d64f339e154f1a8
3e12d1472578c5312e1c1bc9a37dadeccd2fb2e50c5ce124b04d73d492673d83
40f3519b1a58b00e2711ec5df1196f68e6f57935f130e5e90ccbf9e371353eca
45dd6cdfd70864469a00344d268ee6047193b0eb0c425b859b2b694f61db1b6d
4936d9796aec752628cf17d6ac519b0a7ee60dfdf32e2b6e09cf070813704841
4a799725b5c11a9f800721bd0b7307adb52e2adce219c69c66c69a0d6327d383
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4ed67c754980cf1396d83b28a841f8129a7115a601e1b46832237a42e23e230f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54de54b8aaf9245d016bf0adb5cf807195b6c883648f313e197a753f9f723410
58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b
5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4
5dabdb8c1dca6e015b6a4b694340e745fb29f3f5ba4c85874b341f3df2d66d39
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60be40bf02cb3a188131b1b23820333b0d6e1bd386f89924c91dcf79ef6e15fd
69027204f18bef3a3126cad6b61a5a480f8c3f1b7cf29b5739df72a18039b1b7
69c3800f465a87971550255d714c5ea6d6f28128ae4bd7c580e418781c6c36f8
6b2ee4913b17657576bb1390520e292b6c373289a44a381d62daf18bab312fdb
7090c8ce3dc1702e3f2c0408de14f7a8f677586187b7b41d46826d157de36b82
72331d3326d88cd08dd8bbf3e6df77e44e0aebda0e96a1636277d97cac297cf8
72cea0816ef20831085b24bb26e7f58f499db323bd3948e077b65a7c06492c82
77c7aef16240ff874d9a3437a30b1498186f10d53bd6d225577dbc854362f49d
79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fa21cffe9d1da602d6e453f0b8e6a32e921965102d3404822418ace456ce759
82316bdd6826499d67dd7aa90acfc22bdd256dd5304b6ef1b60d83c6d7004a0e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85db3449de25ea36d3baa5f014f907dca7b5925cfb341e074b5d73eea8d38e2e
89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16
8b1a3dcbaab89acdaa51163b3061065737d20b5f578c6dad425e526870d8fdcb
8b38a5ede6fe6b57ccc1078dc210eca4d8bff3b17568cec86a6b4f7f5b4b2831
8ea1118be5ec27c0020d3323530eb40324ddd278c8a1bcf85e116690191e3d5c
93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb
9c2a3e606436439e62af199ee7625053a5c95682f0aa58c71e7a101e44cb8d43
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a54221e2eb924d0070ec1e50dbce6dc09b3539fbc165c3e02b2ab79b052d03e5
a57ba50f581da3346d595619a3e5bd978141a9c02910983b4c335aef897cdba9
a6888640a743121a545a43d8c95ba418fe79f09c08086d7e2b35db51efad76c9
a6b03a9843d01dab19b4a2cb72198e72de48c05002bf0f7492babf2a3ace85c1
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a796d9ce19cdcef436ca1aeb9d6de43067d87cfadea37096925165d1d3af0fd6
b2f42b31066e9837477a90ad7f1977f4107f1ce2d63311b9be9d78a7f3a7d4ff
b582377cc59690982fca4f0cefc9f01ecf1e26e5e2f6ccc25a9f8e8f1ace47ab
bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314
bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a
c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc
d41b2bc68aa10c4d3abef1aa9dbfa1a2937e96092d51d178578dcbfc140a1610
d43d1ad622f3d01290b2f28aec6c01ccb8ff708c6f76cb7156223702a8d049c0
d853f374f81c4aac9bb2516911057ef7e32cfeaa3d2276b336051133fa5af8b4
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dfd1e721134e0b5b60406e0db3b4daa027843863a65cac8099ccec3e9c1ca91f
e1debaba03de52e2667d2d58b6039d31a4fbf7c6c6defa5f10bd2383facd620e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e507babf987b47de747a47fb3bd2d3ed3438528784241632f8fc776e290e15eb
f62171ce7de2ce94cd4b683b4349ebc3f7684195a40105dcad1ebb9c50fcb6bf
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fbe60ca37dc128f1c6191be42c0e9595d1e805d3d4f52841872b7b4db6522b75

g2aweeklysale.com Open in urlscan Pro 139.59.199.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

98 %HTTPS

59 %IPv6

19 Domains

21 Subdomains

16 IPs

7 Countries

3155 kBTransfer

5761 kBSize

6 Cookies

66 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

g2aweeklysale.com Open in urlscan Pro
139.59.199.9 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

98 %
HTTPS

59 %
IPv6

19
Domains

21
Subdomains

16
IPs

7
Countries

3155 kB
Transfer

5761 kB
Size

6
Cookies

90 HTTP transactions
0 data transactions