urlscan.io logo urlscan.io
SecurityTrails logo

af.uppromote.com Open in urlscan Pro
206.189.254.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://affiliate.serezacreations.com/
Effective URL: https://af.uppromote.com/serezacreations/register
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 40 HTTP transactions. The main IP is 206.189.254.86, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is af.uppromote.com. The Cisco Umbrella rank of the primary domain is 502783.
TLS certificate: Issued by R11 on October 14th 2024. Valid for: 3 months.
This is the only time af.uppromote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
affiliate.serezacreations.com
5    206.189.254.86 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
af.uppromote.com
2    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
17    2600:9000:275b:2e00:17:407b:8680:21 (United States)

ASN16509 (AMAZON-02, US)
d1639lhkj5l89m.cloudfront.net
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
2    2600:9000:223f:4e00:f:136b:6ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.uppromote.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
4    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.gstatic.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.recaptcha.net
Apex Domain
Subdomains		 Transfer
17 cloudfront.net
d1639lhkj5l89m.cloudfront.net
469 KB
7 uppromote.com
af.uppromote.com — Cisco Umbrella Rank: 502783
cdn.uppromote.com — Cisco Umbrella Rank: 109435
837 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
252 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
translate.googleapis.com — Cisco Umbrella Rank: 941
77 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1295
2 KB
2 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 6169
218 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1139
29 KB
1 serezacreations.com
affiliate.serezacreations.com
335 B
40 8
Domain Requested by
17 d1639lhkj5l89m.cloudfront.net af.uppromote.com
d1639lhkj5l89m.cloudfront.net
5 af.uppromote.com af.uppromote.com
4 www.gstatic.com www.recaptcha.net
af.uppromote.com
www.gstatic.com
3 www.recaptcha.net af.uppromote.com
www.gstatic.com
3 fonts.googleapis.com af.uppromote.com
2 fonts.gstatic.com fonts.googleapis.com
af.uppromote.com
2 cdn.uppromote.com af.uppromote.com
2 pro.fontawesome.com af.uppromote.com
pro.fontawesome.com
1 translate.googleapis.com
1 translate.google.com af.uppromote.com
1 affiliate.serezacreations.com 1 redirects
40 11

This site contains links to these domains. Also see Links.

Domain
translate.google.com
shascacreations.com
uppromote.com
Subject Issuer Validity Valid
af.uppromote.com
R11		 2024-10-14 -
2025-01-12		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
misc.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.uppromote.com
Amazon RSA 2048 M02		 2024-07-29 -
2025-08-27		 a year crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://af.uppromote.com/serezacreations/register
Frame ID: 8F10BEDCA36367E79DDD1B0DC5CFD79A
Requests: 38 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1BCEB4CEB48701E102F993644387A844
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcfFqkaAAAAAODkHHT2DLE7UBeSbf7kVCdBkTQE&co=aHR0cHM6Ly9hZi51cHByb21vdGUuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=8g9fqglu570x
Frame ID: 2BCA3BB0BEF3B35BC2B7539C4358765A
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcfFqkaAAAAAODkHHT2DLE7UBeSbf7kVCdBkTQE
Frame ID: 0384FC833E34CE07F3943705D505DA5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sereza Creations | Affiliate Register

Page URL History Show full URLs

  1. https://affiliate.serezacreations.com/ HTTP 301
    http://af.uppromote.com/serezacreations/register HTTP 307
    https://af.uppromote.com/serezacreations/register Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

40
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

1884 kB
Transfer

2792 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://affiliate.serezacreations.com/ HTTP 301
    http://af.uppromote.com/serezacreations/register HTTP 307
    https://af.uppromote.com/serezacreations/register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register
af.uppromote.com/serezacreations/
Redirect Chain
  • https://affiliate.serezacreations.com/
  • http://af.uppromote.com/serezacreations/register
  • https://af.uppromote.com/serezacreations/register
71 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af.uppromote.com/serezacreations/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.254.86 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
026a65823087752546231874d25e67d4e5a7df2f86ebb5d1ffe7ba281032f7cb
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Nov 2024 07:02:06 GMT
Front-End-Https
on
Server
nginx
Strict-Transport-Security
max-age=3600; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Forwarded-For
80.255.10.205
X-XSS-Protection
1; mode=block
expires
-1
pragma
no-cache

Redirect headers

Location
https://af.uppromote.com/serezacreations/register
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
af.uppromote.com/css/ 		118 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://af.uppromote.com/css/bootstrap.min.css
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.254.86 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3443b1cdde7010a735f0a89f859ed127e98b922e7b1eb396dd2083525d12f9f3
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/serezacreations/register

Response headers

Transfer-Encoding
chunked
Front-End-Https
on
Strict-Transport-Security
max-age=3600; includeSubDomains
Content-Encoding
gzip
ETag
W/"672481e3-1d9bc"
X-Forwarded-For
80.255.10.205
Connection
keep-alive
X-Content-Type-Options
nosniff
Date
Sun, 03 Nov 2024 07:02:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Last-Modified
Fri, 01 Nov 2024 07:23:15 GMT
Server
nginx
all.css
pro.fontawesome.com/releases/v5.15.1/css/ 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://af.uppromote.com
Referer
https://af.uppromote.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"95fe9653f2c45892b7e58090566f510f"
age
19164179
access-control-allow-methods
GET
date
Sun, 03 Nov 2024 07:02:06 GMT
content-type
text/css
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 28 Jun 2021 17:18:07 GMT
x-amz-id-2
6JKGzQtLIj7T2ONM7twAFsuDRcotW6684Txj1ykLTts+0aS2n28T0XzpSzHoD/uhw9tsV9m6WUg=
cache-control
max-age=31556926
x-amz-request-id
B871H9G6K2565HGX
cf-ray
8dca7f321bf31db0-FRA
access-control-allow-origin
*
server
cloudflare
material-design-iconic-font.min.css
af.uppromote.com/registerv3/fonts/material-icon/css/ 		69 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://af.uppromote.com/registerv3/fonts/material-icon/css/material-design-iconic-font.min.css
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.254.86 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/serezacreations/register

Response headers

Transfer-Encoding
chunked
Front-End-Https
on
Strict-Transport-Security
max-age=3600; includeSubDomains
Content-Encoding
gzip
ETag
W/"672481e3-1149f"
X-Forwarded-For
80.255.10.205
Connection
keep-alive
X-Content-Type-Options
nosniff
Date
Sun, 03 Nov 2024 07:02:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Last-Modified
Fri, 01 Nov 2024 07:23:15 GMT
Server
nginx
nouislider.min.css
af.uppromote.com/registerv3/vendor/nouislider/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://af.uppromote.com/registerv3/vendor/nouislider/nouislider.min.css
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.254.86 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b64629abe5ddab83d034d1910cfb47dc6e796ae641e3e921fd103cd006e781ac
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/serezacreations/register

Response headers

Front-End-Https
on
Strict-Transport-Security
max-age=3600; includeSubDomains
ETag
"672481e3-f03"
X-Forwarded-For
80.255.10.205
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
3843
Date
Sun, 03 Nov 2024 07:02:06 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Last-Modified
Fri, 01 Nov 2024 07:23:15 GMT
Server
nginx
style.min.css
d1639lhkj5l89m.cloudfront.net/registerv3/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/css/style.min.css
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
30eb722a21547f8c656b3287dfd86db25b22fe79193d9cae5e6654464cb576e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
etag
W/"672481e3-45df"
age
1737
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Lzxi6z5F5oh2qz5khU0p6NNtaWRbYcvlT2mH-tFus0z9zqiqwZWysQ==
date
Sun, 03 Nov 2024 06:33:45 GMT
content-type
text/css
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
css2
fonts.googleapis.com/ 		6 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@300;400;500;600;700&display=swap
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98098e8753bc9cc6406e308e570530996569228e87d7d9529279f9f46147be87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 07:02:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 07:02:06 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 05:43:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vollkorn
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7cd027dbcc07a1e9fac0c089f84bcdd2bba417936c7edf568c2163256f10df2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 07:02:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 07:02:06 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 07:02:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		5 KB
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@700;900&display=swap
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bed9cda921e23a3a76a43d3aa79c9acccc407aa8644cfe13dcdb58d14f28432a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 07:02:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 07:02:06 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 07:02:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
api.js
www.recaptcha.net/recaptcha/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10ea6d8432827b7a1692112948d014a437a7fec87e8f06038daa86442eb019bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 07:02:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sun, 03 Nov 2024 07:02:06 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
1686983787_8166693_5cd5f0b7ffdb4493a0512ef579c996dbSC_Logo.png
cdn.uppromote.com/storage/uploads/logo/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uppromote.com/storage/uploads/logo/1686983787_8166693_5cd5f0b7ffdb4493a0512ef579c996dbSC_Logo.png
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:f:136b:6ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdc66f7e43d30797ea6bc25bd469c01acac766d987b8bfe6b6b5be51d003685e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

vary
Origin
x-amz-version-id
null
etag
"218ef866c314843a8bc2fe55367d9571"
age
4863
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
120295
x-amz-cf-id
G2ZWyYhYvv0ECxr7u_ewOgY6QGJRCt7MANaozWsMtrF2udNgqDA9IA==
date
Sun, 03 Nov 2024 05:41:04 GMT
content-type
image/png
last-modified
Sat, 17 Jun 2023 06:36:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
logo-white.png
d1639lhkj5l89m.cloudfront.net/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1639lhkj5l89m.cloudfront.net/img/logo-white.png
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c70ca31f77a840817c239a77f9c1d896d83847989330b422189dacf2879382d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e4-179b"
age
5281
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
6043
x-amz-cf-id
PjtMObOciokL-LqxGNt8E_XS1TyYEoveykt1YQ0kdtdQZEWYBu5zGA==
date
Sun, 03 Nov 2024 05:34:04 GMT
content-type
image/png
last-modified
Fri, 01 Nov 2024 07:23:16 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
jquery-3.1.1.min.js
d1639lhkj5l89m.cloudfront.net/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/jquery-3.1.1.min.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-152b5"
age
6781
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
86709
x-amz-cf-id
IZMa7yI73v2bKjilNrV5myWbIaqGeqcx7H3A1PNIj5zSQwPfNgCBEQ==
date
Sun, 03 Nov 2024 05:10:25 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
bootstrap.min.js
d1639lhkj5l89m.cloudfront.net/js/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/bootstrap.min.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-90b5"
age
10122
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
37045
x-amz-cf-id
tXgRXLdVADT8YN0bdp3YzmGYYWBlOW9ScfBjA5QPYZSoG6_K0wqtRw==
date
Sun, 03 Nov 2024 04:13:24 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
nouislider.min.js
d1639lhkj5l89m.cloudfront.net/registerv3/vendor/nouislider/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/vendor/nouislider/nouislider.min.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
201e76e12be19deaa5fa7bf5c1057b38ab1c707361c7c3afb0699b17a58268cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-5628"
age
1736
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
22056
x-amz-cf-id
xSZ75CJnkUbOEIXp1mLbczAFX4Liif_eOGl-m3FxOErGiHo4WK_rWw==
date
Sun, 03 Nov 2024 06:33:45 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
wNumb.js
d1639lhkj5l89m.cloudfront.net/registerv3/vendor/wnumb/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/vendor/wnumb/wNumb.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a7b076b065b903c6e29ddde935ab1593b79a2640fb56e2eb38cd4f7b6bcb9809

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-2251"
age
9619
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8785
x-amz-cf-id
4xUSfp7yaHS-Y9YvM1WiSidRLtfyGGzK16btgVeZroYN_wFsTcsi4w==
date
Sun, 03 Nov 2024 04:23:08 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
jquery.validate.min.js
d1639lhkj5l89m.cloudfront.net/registerv3/vendor/jquery-validation/dist/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/vendor/jquery-validation/dist/jquery.validate.min.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-5add"
age
12103
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
23261
x-amz-cf-id
zXJlDrEdjP6r8uIEGHlpXUe5MrJNNksOlpK_Y1KXYHF_DDATlPJuyA==
date
Sun, 03 Nov 2024 03:52:25 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
additional-methods.min.js
d1639lhkj5l89m.cloudfront.net/registerv3/vendor/jquery-validation/dist/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/vendor/jquery-validation/dist/additional-methods.min.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d1883f7a26d574acb192e568d50c21d03b29a14087bd26e6fe83a8615cf7d814

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-4820"
age
9619
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
18464
x-amz-cf-id
f4z0gCv_AAH1keVaxo4VgoJTvNboZWIlvUoVgriqzl2c0qwjDV0vXw==
date
Sun, 03 Nov 2024 04:21:47 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
main.js
d1639lhkj5l89m.cloudfront.net/registerv3/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/js/main.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d4ab5ccc6cbb9ab1d7a179b354cc7c417197b44f1ea187508394ecdb0381ab4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-6c2"
age
557
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1730
x-amz-cf-id
cGn9Cj8yx68-OvgopAYXWGdkiE27IRaVDuyhPE08S1uOY1OCiGrW6Q==
date
Sun, 03 Nov 2024 06:57:45 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
helpers.js
d1639lhkj5l89m.cloudfront.net/js/app/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/app/helpers.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1e293fed0da13bbad778fc1f060cee3a783f57f3b6469ef33b5af26e6e165b42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-c0c"
age
557
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3084
x-amz-cf-id
BR98itJ_10N7jmvuVorOMHHy7FiqfhY_wkd7dEg8N7CKG2KNZ-iTtA==
date
Sun, 03 Nov 2024 06:57:45 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
embedded-preview.js
d1639lhkj5l89m.cloudfront.net/registerv3/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/js/embedded-preview.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6fdedf8789eb8e7f2491977b83d1c2e2baf89c7e94e8f9a4b898fda4ab655b8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e4-6378"
age
2124
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
25464
x-amz-cf-id
W7FQquEpN5LL4z6e2VmH3drYXYbRXiVrg2cSbU73n-90mJj7ozpgEA==
date
Sun, 03 Nov 2024 06:26:42 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:16 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
iframeResizer.contentWindow.js
d1639lhkj5l89m.cloudfront.net/js/plugins/iframeResizer/ 		39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/plugins/iframeResizer/iframeResizer.contentWindow.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d813ca5bfd02c0cacbc3f7f3612fd5d24c66eb95bd452a1b144a890a7e2ff728

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-9dba"
age
7724
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
40378
x-amz-cf-id
VM9kokvNX2odYeCs4X2it_gmS_dXu22HBrUsOYXKFT-uOnglJsWMLA==
date
Sun, 03 Nov 2024 04:53:22 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
jquery.inputmask.bundle.js
d1639lhkj5l89m.cloudfront.net/js/plugins/inputmask/ 		172 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/plugins/inputmask/jquery.inputmask.bundle.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-2b131"
age
17158
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
176433
x-amz-cf-id
veuRekR5xsCbiPPNPcZCe9FzeNGtlANF373IoN_Pb1rKj7IKLy-2UA==
date
Sun, 03 Nov 2024 02:31:58 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
element.js
translate.google.com/translate_a/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f85e5767dbedbe466c7b70aeee18088ccb629231fedaf35b870a524cae5e8006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 07:02:06 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
register.js
d1639lhkj5l89m.cloudfront.net/js/affiliate/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/affiliate/register.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aa152200652e4713b885568c40b1c5f532eaf795a4734e7e572e5dda43e7afeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-f2e"
age
6662
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3886
x-amz-cf-id
Sfbu4nl7aDARM-LeF8gf1-CwKiO-hR-Im96icN6B2qpqv9_OyD4FZg==
date
Sun, 03 Nov 2024 05:11:04 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
payment_dropdown.js
d1639lhkj5l89m.cloudfront.net/js/affiliate/ 		544 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/js/affiliate/payment_dropdown.js
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d8edc8578c3653f0b183e9d79e948ccec6f37986867b278415a28ec76e85ed2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

etag
"672481e3-220"
age
19911
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
544
x-amz-cf-id
QrKzDc3RBJ8iqxeiayFJ3njypSZsNHUdwhc7rH4hZP5tj4RprvhTHQ==
date
Sun, 03 Nov 2024 01:30:55 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
vary
Origin
1686984858_3895697_cb6434f0411b1fe00450e80ccbbbb079.JPEG
cdn.uppromote.com/storage/uploads/images/ 		649 KB
650 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uppromote.com/storage/uploads/images/1686984858_3895697_cb6434f0411b1fe00450e80ccbbbb079.JPEG
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:f:136b:6ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
501cc6a7c896e5e5aaa52b1ff2264fe6bb469c853ff0be495e52e91e93c76332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

vary
Origin
x-amz-version-id
null
etag
"07e14b217b62d987ce91e8d77ba8501f"
age
4863
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
664710
x-amz-cf-id
yai0wHqIQX_skc1Fa1LmAxOp3y4p2IeiwV0LzMSoDPYz1_pzoDQfNw==
date
Sun, 03 Nov 2024 05:41:04 GMT
content-type
image/jpeg
last-modified
Sat, 17 Jun 2023 06:54:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2MHGeHmmc.woff2
fonts.gstatic.com/s/vollkorn/v27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v27/0ybgGDoxxrvAnPhYGzMlQLzuMasz6Df2MHGeHmmc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7020a2f35c08a997e1d96da73093b9bb97df210cd9147454c9e38972818724e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://af.uppromote.com
Referer
https://fonts.googleapis.com/

Response headers

age
314151
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:46:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:46:15 GMT
last-modified
Fri, 27 Sep 2024 00:45:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25496
x-xss-protection
0
server
sffe
fa-light-300.woff2
pro.fontawesome.com/releases/v5.15.1/webfonts/ 		185 KB
186 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.15.1/webfonts/fa-light-300.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://af.uppromote.com
Referer
https://pro.fontawesome.com/releases/v5.15.1/css/all.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"1b0a9e43c154aa698c3f149ade78c287"
age
20273186
access-control-allow-methods
GET
date
Sun, 03 Nov 2024 07:02:06 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 28 Jun 2021 17:19:52 GMT
x-amz-id-2
AeOdDAsmi0dkOykec4GsP8hYWVat+ltRuRxi9FRweGaQbWGbVYzEEu+HFMLLu36BFgiX+Sdl7Zw=
cache-control
max-age=31556926
x-amz-request-id
XNMRBMYMMY89JVM0
cf-ray
8dca7f33cce01db0-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
189648
server
cloudflare
poppins-v5-latin-regular.woff2
d1639lhkj5l89m.cloudfront.net/registerv3/fonts/poppins/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/fonts/poppins/poppins-v5-latin-regular.woff2
Requested by
Host: d1639lhkj5l89m.cloudfront.net
URL: https://d1639lhkj5l89m.cloudfront.net/registerv3/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://af.uppromote.com
Referer
https://d1639lhkj5l89m.cloudfront.net/registerv3/css/style.min.css

Response headers

etag
"672481e3-1ee0"
age
4644
via
1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
7904
x-amz-cf-id
qKx_8JfnyW1FE82SgUJ6PNJTKL0yySnpmjuof4AcE0XOZeiH8mdQAw==
date
Sun, 03 Nov 2024 06:34:48 GMT
content-type
application/octet-stream
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
poppins-v5-latin-500.woff2
d1639lhkj5l89m.cloudfront.net/registerv3/fonts/poppins/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1639lhkj5l89m.cloudfront.net/registerv3/fonts/poppins/poppins-v5-latin-500.woff2
Requested by
Host: d1639lhkj5l89m.cloudfront.net
URL: https://d1639lhkj5l89m.cloudfront.net/registerv3/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:2e00:17:407b:8680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://af.uppromote.com
Referer
https://d1639lhkj5l89m.cloudfront.net/registerv3/css/style.min.css

Response headers

etag
"672481e3-1ecc"
age
4644
via
1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
7884
x-amz-cf-id
te1BkkUGX-XtqnyDToVDShDlatOwTsTW_ytZjJ0BnIvuTjz5iI3rFg==
date
Sun, 03 Nov 2024 05:44:59 GMT
content-type
application/octet-stream
last-modified
Fri, 01 Nov 2024 07:23:15 GMT
server
nginx
x-amz-cf-pop
FRA60-P7
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.2nKX6mnoQrY.O/am=DAY/d=1/rs=AN8SPfpIFbBSsBP4t29TRhozAhD2ticWUg/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
age
44627
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 18:38:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:38:19 GMT
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4144
x-xss-protection
0
server
sffe
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.2nKX6mnoQrY.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfo-zQ-s0V9wTRrnjU3pNqdFvS-GIw/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.2nKX6mnoQrY.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfo-zQ-s0V9wTRrnjU3pNqdFvS-GIw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.2nKX6mnoQrY.O/am=DAY/d=1/rs=AN8SPfpIFbBSsBP4t29TRhozAhD2ticWUg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5cfdc304ce89b7814699dd0d107c36b5e960f62c4dbc5de1b4a4b66db7c96ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
age
110670
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 00:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 00:17:36 GMT
last-modified
Wed, 30 Oct 2024 19:10:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
75685
x-xss-protection
0
server
sffe
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 		547 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://af.uppromote.com
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
age
48204
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:38:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:38:42 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222594
x-xss-protection
0
server
sffe
truncated
/ Frame 1BCE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

content-encoding
gzip
age
110669
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 00:17:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 00:17:37 GMT
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
3340
x-xss-protection
0
server
sffe
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: af.uppromote.com
URL: https://af.uppromote.com/serezacreations/register
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/

Response headers

age
144204
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 14:58:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 14:58:42 GMT
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
910
x-xss-protection
0
server
sffe
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Response headers

age
38824
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 20:15:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 20:15:02 GMT
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1842
x-xss-protection
0
server
sffe
anchor
www.recaptcha.net/recaptcha/api2/ Frame 2BCA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcfFqkaAAAAAODkHHT2DLE7UBeSbf7kVCdBkTQE&co=aHR0cHM6Ly9hZi51cHByb21vdGUuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=8g9fqglu570x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MHrtDMNMgCx4pStfwJ9WQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af.uppromote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MHrtDMNMgCx4pStfwJ9WQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 07:02:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
af.uppromote.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://af.uppromote.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.254.86 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
881f74d0efe1d85b3fba4f200a4096612d8284f6644b10aa22ec73d64ef4aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://af.uppromote.com/serezacreations/register

Response headers

Front-End-Https
on
Strict-Transport-Security
max-age=3600; includeSubDomains
ETag
"672481e3-3c2e"
X-Forwarded-For
80.255.10.205
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
15406
Date
Sun, 03 Nov 2024 07:02:07 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/x-icon
Last-Modified
Fri, 01 Nov 2024 07:23:15 GMT
Server
nginx
bframe
www.recaptcha.net/recaptcha/api2/ Frame 0384 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcfFqkaAAAAAODkHHT2DLE7UBeSbf7kVCdBkTQE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8vV18QkvrQgv-quSmp4vWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://af.uppromote.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8vV18QkvrQgv-quSmp4vWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Nov 2024 07:02:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| noUiSlider function| wNumb function| asset_s3 function| renderElm function| scaSetCookie function| scaGetCookie function| pushCrispMessage function| trackEventMixpanel object| originFormBeforeSort function| Inputmask object| fieldsData object| rules object| messages object| emailRegex function| googleTranslateElementInit function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_607143 object| recaptcha object| closure_lm_828953

2 Cookies

Domain/Path Name / Value
af.uppromote.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InBGMTlsRlFXOGtYWklXaDJFOU5FNFE9PSIsInZhbHVlIjoiXC8wT25hb05mZXJvSzVySzJVdnNFalBzVEd3WTJoeXBIRFFjWXY1STRFaWJyUlVKUG94dG1aVTdNd1pkM0JtXC9hIiwibWFjIjoiYTllOGI4NTg3MGIwN2Y5MzI5NDI2NzYxNTEzNzZlZDc4ZGQ4ODkyYmI3ZDdiZmJlNTNkM2Y4ODc1ZWIzZGYyNCJ9
af.uppromote.com/ Name: laravel_session
Value: eyJpdiI6InlyYnNWeHVkN3c2eWlJakQzbWR2d2c9PSIsInZhbHVlIjoicTVzS1hkQW1iQk8zdEg3Vm1nMVBRM0tVdmswdndiVEx2SzhudHFPa0NjZkFIY0JSRUR0eWJLMDNcL0wrUmpxUkFCN1NhZHZ5RWc1V1JZbGtyOUhIS3RIWkFqZmZ6YmJcL0xVVXd4ZEhQc21iRlBBUjF4ZElhUnMxSEIxdm1pWW81NyIsIm1hYyI6IjYzNGUxMDVkNDE1ZmQyZDJlMjE4M2QwZTE2OTk5ZWM5MTdjODIxNTA5MWY2MjY5ZmU4MDUxZTUxZWYyYzViNzMifQ%3D%3D

3 Console Messages

Source Level URL
Text
recommendation warning URL: https://af.uppromote.com/serezacreations/register
Message:
[DOM] Found 2 elements with non-unique id #email: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://af.uppromote.com/serezacreations/register
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://af.uppromote.com/serezacreations/register
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

af.uppromote.com
affiliate.serezacreations.com
cdn.uppromote.com
d1639lhkj5l89m.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
pro.fontawesome.com
translate.google.com
translate.googleapis.com
www.gstatic.com
www.recaptcha.net
142.250.184.195
142.250.185.99
142.250.186.99
206.189.254.86
2600:9000:223f:4e00:f:136b:6ac0:93a1
2600:9000:275b:2e00:17:407b:8680:21
2606:4700:4400::6812:2844
2a00:1450:4001:803::200a
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
3.33.251.168
026a65823087752546231874d25e67d4e5a7df2f86ebb5d1ffe7ba281032f7cb
10ea6d8432827b7a1692112948d014a437a7fec87e8f06038daa86442eb019bf
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1d4ab5ccc6cbb9ab1d7a179b354cc7c417197b44f1ea187508394ecdb0381ab4
1e293fed0da13bbad778fc1f060cee3a783f57f3b6469ef33b5af26e6e165b42
201e76e12be19deaa5fa7bf5c1057b38ab1c707361c7c3afb0699b17a58268cd
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830
30eb722a21547f8c656b3287dfd86db25b22fe79193d9cae5e6654464cb576e8
3443b1cdde7010a735f0a89f859ed127e98b922e7b1eb396dd2083525d12f9f3
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
501cc6a7c896e5e5aaa52b1ff2264fe6bb469c853ff0be495e52e91e93c76332
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6fdedf8789eb8e7f2491977b83d1c2e2baf89c7e94e8f9a4b898fda4ab655b8a
7020a2f35c08a997e1d96da73093b9bb97df210cd9147454c9e38972818724e8
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
881f74d0efe1d85b3fba4f200a4096612d8284f6644b10aa22ec73d64ef4aa5e
98098e8753bc9cc6406e308e570530996569228e87d7d9529279f9f46147be87
a5cfdc304ce89b7814699dd0d107c36b5e960f62c4dbc5de1b4a4b66db7c96ba
a7b076b065b903c6e29ddde935ab1593b79a2640fb56e2eb38cd4f7b6bcb9809
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4
aa152200652e4713b885568c40b1c5f532eaf795a4734e7e572e5dda43e7afeb
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
b64629abe5ddab83d034d1910cfb47dc6e796ae641e3e921fd103cd006e781ac
bdc66f7e43d30797ea6bc25bd469c01acac766d987b8bfe6b6b5be51d003685e
bed9cda921e23a3a76a43d3aa79c9acccc407aa8644cfe13dcdb58d14f28432a
c70ca31f77a840817c239a77f9c1d896d83847989330b422189dacf2879382d0
c71d49cfc099563c205918a58497a420e4a3509becd7ae1782b6fda044fb43b3
d1883f7a26d574acb192e568d50c21d03b29a14087bd26e6fe83a8615cf7d814
d813ca5bfd02c0cacbc3f7f3612fd5d24c66eb95bd452a1b144a890a7e2ff728
d8edc8578c3653f0b183e9d79e948ccec6f37986867b278415a28ec76e85ed2b
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b
f7cd027dbcc07a1e9fac0c089f84bcdd2bba417936c7edf568c2163256f10df2
f85e5767dbedbe466c7b70aeee18088ccb629231fedaf35b870a524cae5e8006