URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Submission: On December 06 via api from US — Scanned from NL

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 25 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is get-fabulous-content.click.
TLS certificate: Issued by WE1 on November 20th 2024. Valid for: 3 months.
This is the only time get-fabulous-content.click was scanned on urlscan.io!

urlscan.io Verdict: No classification


Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 188.114.96.3 | 13335 (CLOUDFLAR...)
8 | 2400:52e0:1e0... | 60068 (CDN77 Dat...)
6 | 18.66.112.100 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
5 | 139.162.21.64 | 63949 (AKAMAI-LI...)
1 | 91.192.195.101 | 15510 (CWCS-PS C...)
1 | 172.217.18.3 | 15169 (GOOGLE)
2 | 3.11.247.223 | 16509 (AMAZON-02)
Total: 25 requests | 8 IPs

Requests | Domain | Requested by
8 | www.ourfastcdn.com | get-fabulous-content.click, www.ourfastcdn.com
6 | fd.sla-alacrity.com | get-fabulous-content.click, fd.sla-alacrity.com
4 | sg.d.shield.monitoringservice.co | get-fabulous-content.click
2 | antifraud-uk.empello.net | get-fabulous-content.click
1 | fonts.gstatic.com | fonts.googleapis.com
1 | sg.r.shield.monitoringservice.co | get-fabulous-content.click
1 | antifraud.cgparcel.net | get-fabulous-content.click
1 | fonts.googleapis.com | www.ourfastcdn.com
1 | get-fabulous-content.click |
Total: 25 requests | 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
get-fabulous-content.click | WE1 | 2024-11-20 - 2025-02-18 | 3 months
www.ourfastcdn.com | R11 | 2024-10-30 - 2025-01-28 | 3 months
*.sla-alacrity.com | Sectigo RSA Organization Validation Secure Server CA | 2024-04-16 - 2025-04-16 | a year
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
sg.d.shield.monitoringservice.co | R10 | 2024-12-01 - 2025-03-01 | 3 months
apisdp.mobi-mind.net | Go Daddy Secure Certificate Authority - G2 | 2024-11-24 - 2025-11-23 | a year
sg.r.shield.monitoringservice.co | R10 | 2024-12-01 - 2025-03-01 | 3 months
*.gstatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.empello.net | Sectigo RSA Domain Validation Secure Server CA | 2024-04-24 - 2025-05-19 | a year

This page contains 1 frames:

Primary Page: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Frame ID: 6C8A247160CE823CFECBC41F811B14E8
Requests: 25 HTTP requests in this frame

Page Title

أحصل علي المحتوي المميز

Page Statistics

25
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

8
IPs

5
Countries

412 kB
Transfer

534 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
get-fabulous-content.click/lp/sa/ar/884n6em803/
97 KB
37 KB
Document
General
Full URL
https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba1bb0e971fe468f8a479643686000b32f1fa201fd647c4a95f83b30b22951d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8edb6dd2eafc0a79-AMS
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 10:00:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=self
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQlsdZc2rrHuLQij%2F1Wp%2B8AlyyLx9WQD2w7ZHIrCzcy11t9zh1DpUiXqpJ0q4OsWoMHjd4qq3nTUILraIT19mL8Sr9Qjyk9UGjgAfAEzdR5naNAhRgRSgRHPRilw56V2x6BKFO%2F1wDekJO4U%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=14099&min_rtt=13414&rtt_var=2528&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4233&recv_bytes=4606&delivery_rate=713&cwnd=12000&unsent_bytes=0&cid=8ca79084fd8b3196&ts=1013&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
axios.min.js
www.ourfastcdn.com/libraries/
30 KB
13 KB
Script
General
Full URL
https://www.ourfastcdn.com/libraries/axios.min.js
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
994d6e124d837856735298c59b571c79f9f61e448c84ad6b742e6f6ba05cbf93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
W/"63d2fc69-79b1"
cdn-fileserver
537
date
Fri, 06 Dec 2024 10:00:28 GMT
cdn-storageserver
DE-661
last-modified
Thu, 26 Jan 2023 22:19:21 GMT
cdn-cachedat
11/11/2024 00:37:22
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
2d691b109f637b976cdd9fb2faddd0cd
cdn-pullzone
123549
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
style18.css
www.ourfastcdn.com/vas-lps/19/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.ourfastcdn.com/vas-lps/19/style18.css
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
c3e9be22fa355d6e75a5b14c746c238306a411c81ee444400a976b0c87045089

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"64a564d5-264b"
cdn-fileserver
645
date
Fri, 06 Dec 2024 10:00:28 GMT
cdn-storageserver
DE-599
last-modified
Wed, 05 Jul 2023 12:40:53 GMT
cdn-cachedat
11/04/2024 14:46:15
vary
Accept-Encoding
content-type
text/css
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
a2aff8817d857cef0367039956b79d53
cdn-pullzone
123549
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
d513e9e03227.js
fd.sla-alacrity.com/
23 KB
6 KB
Script
General
Full URL
https://fd.sla-alacrity.com/d513e9e03227.js
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
nginx/1.21.4 /
Resource Hash
328157599904cf2720f53de7633dd309d75871048094bf1b2769b5178c3b85e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

content-encoding
br
age
19897
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
y7nqFNwngmZW_dgob0pvbgd3xWHyiIeSQ453OdVIlMgL9DuHp9EYFA==
date
Fri, 06 Dec 2024 04:28:51 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 12:38:25 GMT
server
nginx/1.21.4
x-amz-cf-pop
FRA56-P5
vary
Accept-Encoding
loading.gif
www.ourfastcdn.com/content/
169 KB
169 KB
Image
General
Full URL
https://www.ourfastcdn.com/content/loading.gif
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cdn-status
200
cdn-fileserver
548
date
Fri, 06 Dec 2024 10:00:28 GMT
cdn-storageserver
DE-599
content-type
image/gif
last-modified
Wed, 15 Feb 2023 18:02:52 GMT
cdn-cachedat
11/28/2024 20:30:26
cdn-cache
HIT
cdn-requestpullcode
206
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
2a0aefed3d6d79aa4298d952d0dd143b
cdn-pullzone
123549
cdn-proxyver
1.06
accept-ranges
bytes
content-length
172593
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
top.png
www.ourfastcdn.com/vas-lps/19/
4 KB
5 KB
Image
General
Full URL
https://www.ourfastcdn.com/vas-lps/19/top.png
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
9c75ef3dd2636c65896c39655ff5856a2722c3fad45c7e8ba0e55d337ccb8a89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cdn-status
200
cdn-fileserver
148
date
Fri, 06 Dec 2024 10:00:28 GMT
cdn-storageserver
DE-51
content-type
image/png
last-modified
Sun, 07 May 2023 14:04:02 GMT
cdn-cachedat
11/14/2024 04:26:05
cdn-cache
HIT
cdn-requestpullcode
206
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
bc18b756b84756090189c86c548e6d3b
cdn-pullzone
123549
cdn-proxyver
1.06
accept-ranges
bytes
content-length
4399
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
sa55.js
www.ourfastcdn.com/vas-lps/
11 KB
3 KB
Script
General
Full URL
https://www.ourfastcdn.com/vas-lps/sa55.js
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
48b6a4c7d079e1a1c00af2ed45ca7de0f7c4326ad1f3d510e5e5eb4da1be052d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"670ae931-2d40"
cdn-fileserver
502
date
Fri, 06 Dec 2024 10:00:28 GMT
cdn-storageserver
DE-383
last-modified
Sat, 12 Oct 2024 21:25:05 GMT
cdn-cachedat
11/30/2024 16:44:04
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
4689480d776970b279f26f716917a8ed
cdn-pullzone
123549
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;1,900&display=swap
Requested by
Host: www.ourfastcdn.com
URL: https://www.ourfastcdn.com/vas-lps/19/style18.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3879f28482bf1add6027e0cbcbfbc4905e227c3c43549b48489b832c3ab6ee45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.ourfastcdn.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 10:00:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 10:00:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 06 Dec 2024 09:58:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
sg.d.shield.monitoringservice.co/
0
145 B
Ping
General
Full URL
https://sg.d.shield.monitoringservice.co/
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.162.21.64 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li863-64.members.linode.com
Software
MCP-Shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://get-fabulous-content.click/

Response headers

access-control-allow-origin
*
content-length
0
date
Fri, 06 Dec 2024 10:00:29 GMT
server
MCP-Shield
x-server
Data-1
Pixel
antifraud.cgparcel.net/AntiFraud/
0
160 B
Script
General
Full URL
https://antifraud.cgparcel.net/AntiFraud/Pixel?RequestID=20241206100028_78d7556f1eae470894447cd5e5656ac9&ChannelID=99916583&Pixel=0
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.192.195.101 , United Kingdom, ASN15510 (CWCS-PS Compuweb Communications Services Limited, GB),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cache-control
no-cache
x-aspnet-version
4.0.30319
pragma
no-cache
expires
-1
my_ip
101
content-length
0
date
Fri, 06 Dec 2024 10:00:29 GMT
content-type
text/html; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
p.png
sg.r.shield.monitoringservice.co/
0
542 B
Image
General
Full URL
https://sg.r.shield.monitoringservice.co/p.png?…
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.162.21.64 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li863-64.members.linode.com
Software
MCP-Shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
0
date
Fri, 06 Dec 2024 10:00:29 GMT
content-disposition
attachment; filename=_sp
content-type
image/png
server
MCP-Shield
x-server
Report-2
access-control-allow-headers
Content-Type, Content-Encoding, Access-Control-Allow-Headers, Authorization, X-Requested-With, content-encoding
token
fd.sla-alacrity.com/
193 B
749 B
XHR
General
Full URL
https://fd.sla-alacrity.com/token?partner=partner:e4d162935b3486bce845fcc74e514eef886d3094&service=campaign:33052dac57bd79a2fe956db9c999356f2389d37c&ref=&fetch_usage=true
Requested by
Host: fd.sla-alacrity.com
URL: https://fd.sla-alacrity.com/d513e9e03227.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
nginx/1.21.4 /
Resource Hash
65d7e56c038121ece8ac7279d49dd6e92dd55d52a92984927ac2445a3cb3eb7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

x-request-id
6a9d76fb-3f71-4d1f-b183-dcf621236f20
access-control-max-age
1728000
access-control-expose-headers
etag
W/"65d7e56c038121ece8ac7279d49dd6e9"
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
LeJiRdHlO5OCPXDfSpWNhjYexx9nY55-g79N9mbG46gnERBiQ3Pq0g==
date
Fri, 06 Dec 2024 10:00:29 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.026636
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P5
server
nginx/1.21.4
phone.png
www.ourfastcdn.com/vas-lps/19/
401 B
852 B
Image
General
Full URL
https://www.ourfastcdn.com/vas-lps/19/phone.png
Requested by
Host: www.ourfastcdn.com
URL: https://www.ourfastcdn.com/vas-lps/19/style18.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
56dc0e0acefef9da846a48081da8f30f3253d89dc3d527bfc722f6e803b74e11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.ourfastcdn.com/vas-lps/19/style18.css

Response headers

cdn-status
200
cdn-fileserver
57
date
Fri, 06 Dec 2024 10:00:29 GMT
cdn-storageserver
DE-661
content-type
image/png
last-modified
Sun, 07 May 2023 14:04:00 GMT
cdn-cachedat
11/21/2024 23:45:51
cdn-cache
HIT
cdn-requestpullcode
206
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
fbfebc67199abd9e8f85fdaa5a9f1574
cdn-pullzone
123549
cdn-proxyver
1.06
accept-ranges
bytes
content-length
401
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
shield.png
www.ourfastcdn.com/vas-lps/19/
2 KB
2 KB
Image
General
Full URL
https://www.ourfastcdn.com/vas-lps/19/shield.png
Requested by
Host: www.ourfastcdn.com
URL: https://www.ourfastcdn.com/vas-lps/19/style18.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
a864a46f91c9094e320926ae7e85371d69a0ffde22ef7700ad0377e23242292d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.ourfastcdn.com/vas-lps/19/style18.css

Response headers

cdn-status
200
cdn-fileserver
257
date
Fri, 06 Dec 2024 10:00:29 GMT
cdn-storageserver
DE-677
content-type
image/png
last-modified
Sun, 07 May 2023 14:04:02 GMT
cdn-cachedat
11/19/2024 21:22:25
cdn-cache
HIT
cdn-requestpullcode
206
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
3911866d8e373724bfc13135e56b5559
cdn-pullzone
123549
cdn-proxyver
1.06
accept-ranges
bytes
content-length
2071
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://get-fabulous-content.click
Referer
https://fonts.googleapis.com/

Response headers

age
197100
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 03:15:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:29 GMT
last-modified
Wed, 06 Nov 2024 17:30:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18792
x-xss-protection
0
server
sffe
/
sg.d.shield.monitoringservice.co/
0
170 B
Image
General
Full URL
https://sg.d.shield.monitoringservice.co/?d=…
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.162.21.64 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li863-64.members.linode.com
Software
MCP-Shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

access-control-allow-origin
*
content-length
0
date
Fri, 06 Dec 2024 10:00:29 GMT
content-type
image/png
server
MCP-Shield
x-server
Data-4
/
sg.d.shield.monitoringservice.co/
0
170 B
Image
General
Full URL
https://sg.d.shield.monitoringservice.co/?d=…
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.162.21.64 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li863-64.members.linode.com
Software
MCP-Shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

access-control-allow-origin
*
content-length
0
date
Fri, 06 Dec 2024 10:00:29 GMT
content-type
image/png
server
MCP-Shield
x-server
Data-2
/
sg.d.shield.monitoringservice.co/
0
170 B
Image
General
Full URL
https://sg.d.shield.monitoringservice.co/?d=…
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.162.21.64 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li863-64.members.linode.com
Software
MCP-Shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

access-control-allow-origin
*
content-length
0
date
Fri, 06 Dec 2024 10:00:29 GMT
content-type
image/png
server
MCP-Shield
x-server
Data-2
empello
fd.sla-alacrity.com/token/
132 KB
132 KB
XHR
General
Full URL
https://fd.sla-alacrity.com/token/empello?token=f721ea94-e13d-4edf-bc6e-6ae4206c357a&version=2&button=I3N1YnNjcmliZQ==
Requested by
Host: fd.sla-alacrity.com
URL: https://fd.sla-alacrity.com/d513e9e03227.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
nginx/1.21.4 /
Resource Hash
7982105dc80d56dd3f8e56a3f613c65c8a0d0152fe69b03483b00cb9f2081747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

x-request-id
63a25274-019e-41bc-993a-789b293a6a9e
access-control-max-age
1728000
access-control-expose-headers
etag
W/"7982105dc80d56dd3f8e56a3f613c65c"
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
FJZteIrpo-eEC-uknEVwiEoWSabfwv67oeaFxcwt44CKYbwxaubs7Q==
date
Fri, 06 Dec 2024 10:00:29 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.081967
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P5
server
nginx/1.21.4
/
antifraud-uk.empello.net/api/v2/token/js/get/
77 B
472 B
XHR
General
Full URL
https://antifraud-uk.empello.net/api/v2/token/js/get/
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.247.223 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-247-223.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
12edc7d5b2069938c8f4925f65540aaf4c450e80474908720f665298b58feb0f
Security Headers
Name Value
Content-Security-Policy script-src 'self'
Strict-Transport-Security max-age=0; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://get-fabulous-content.click/

Response headers

strict-transport-security
max-age=0; includeSubdomains;
content-security-policy
script-src 'self'
cache-control
no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
content-encoding
gzip
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin
access-control-allow-origin
*
date
Fri, 06 Dec 2024 10:00:29 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
origin
server
nginx
x-frame-options
DENY
fp.js
fd.sla-alacrity.com/
29 KB
12 KB
Script
General
Full URL
https://fd.sla-alacrity.com/fp.js
Requested by
Host: fd.sla-alacrity.com
URL: https://fd.sla-alacrity.com/d513e9e03227.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
nginx/1.21.4 /
Resource Hash
90b182fe0222c4c92de869a18be49fcce000b4f3c5de5650120d3260df9c2f16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

content-encoding
br
age
19487
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KNYOjxrSaF7hhbF0qG4P2tjbaNdcsIg_AC6e2_a8-h9kK6F7xG2PEQ==
date
Fri, 06 Dec 2024 04:35:42 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 12:38:25 GMT
server
nginx/1.21.4
x-amz-cf-pop
FRA56-P5
vary
Accept-Encoding
fingerprint
fd.sla-alacrity.com/token/
2 B
552 B
XHR
General
Full URL
https://fd.sla-alacrity.com/token/fingerprint?token=f721ea94-e13d-4edf-bc6e-6ae4206c357a&fingerprint=c0cbc8fa47bf14e33fa83a92919d5ff7
Requested by
Host: fd.sla-alacrity.com
URL: https://fd.sla-alacrity.com/d513e9e03227.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
nginx/1.21.4 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

x-request-id
41400bf4-b714-43ed-8ed9-efa916f566f6
access-control-max-age
1728000
access-control-expose-headers
etag
W/"2689367b205c16ce32ed4200942b8b8b"
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
of99thSuCi_QdJPQ1zkk9LOscLYQbh4D7qzY6sWeLf0j3sLlMWqxiQ==
date
Fri, 06 Dec 2024 10:00:31 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Origin
x-runtime
1.949147
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P5
server
nginx/1.21.4
/
antifraud-uk.empello.net/api/v2/token/js/info/
0
350 B
XHR
General
Full URL
https://antifraud-uk.empello.net/api/v2/token/js/info/
Requested by
Host: get-fabulous-content.click
URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.247.223 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-247-223.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'self'
Strict-Transport-Security max-age=0; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://get-fabulous-content.click/

Response headers

strict-transport-security
max-age=0; includeSubdomains;
content-security-policy
script-src 'self'
cache-control
no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
x-content-type-options
nosniff, nosniff
referrer-policy
same-origin
access-control-allow-origin
*
content-length
0
date
Fri, 06 Dec 2024 10:00:31 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
origin
server
nginx
x-frame-options
DENY
smartphone.png
www.ourfastcdn.com/content/
5 KB
5 KB
Other
General
Full URL
https://www.ourfastcdn.com/content/smartphone.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
6f6c701f72c7733f6b2a4d45b23bd766096706ae78288a17e34a68a30dc4480a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

cdn-status
200
cdn-fileserver
196
date
Fri, 06 Dec 2024 10:00:31 GMT
cdn-storageserver
DE-661
content-type
image/png
last-modified
Tue, 09 May 2023 10:38:04 GMT
cdn-cachedat
10/27/2024 13:40:22
cdn-cache
HIT
cdn-requestpullcode
206
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
6c7a66c5-a071-443f-ac0a-15b8056be674
cdn-requestid
eb9c71aabf0b93e54ccebbfdb7435280
cdn-pullzone
123549
cdn-proxyver
1.05
accept-ranges
bytes
content-length
4652
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
NL
empello
fd.sla-alacrity.com/token/
2 B
554 B
XHR
General
Full URL
https://fd.sla-alacrity.com/token/empello?token=f721ea94-e13d-4edf-bc6e-6ae4206c357a&e_token=ukjyggwntztfqfvirqxzsslzsplspycpkvojbsbcjatwhokkxdlrrjvalubynwxi&empello_checks_delay=false
Requested by
Host: fd.sla-alacrity.com
URL: https://fd.sla-alacrity.com/d513e9e03227.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
nginx/1.21.4 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://get-fabulous-content.click/

Response headers

x-request-id
070abab5-58eb-4138-abba-52c6ca844da6
access-control-max-age
1728000
access-control-expose-headers
etag
W/"2689367b205c16ce32ed4200942b8b8b"
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Hkhy-R2Z5aWC-aGQGMVCkg3MdDVBJRMbm3ucWG5ZJwmF5EUafKJZLA==
date
Fri, 06 Dec 2024 10:00:31 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Origin
x-runtime
0.017881
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin,Accept,Content-Type,X-Requested-With,X-CSRF-Token
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P5
server
nginx/1.21.4


72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| axios
object| a0_0x3aa3
function| a0_0x177a75
function| getToken
function| evina_pin
function| evina_dcb
function| empello
function| fingerprint
function| ebtekar_evina
function| idex_pin
function| add_complete
function| check_loading_complete
function| add_hidden_input
function| add_hidden_submit
function| add_hidden_action
function| getSelector
function| evina_selectors
function| a0_0x1312
function| add_initial_hidden_items
function| load_doc_and_add_items
function| _Xajae
function| _Xajb
function| _Xaja
object| _shield
string| _b
object| inputPhone
object| buttonPhone
object| errorPhone
object| errorOtp
object| form
object| phoneWrapper
object| OtpWrapper
object| lang
object| phoneNumber
object| formOTP
object| inputOtp
object| verifyBtn
object| closeSuccessMessage
object| successMessage
object| loading
object| successConversion
object| langBtn
object| ti
object| landBox
object| STC
object| Mobily
object| Zain
object| Virgin
object| STC_content
object| searchParams
string| aff
string| cid
string| s1
string| uuid
function| getAllUrlParams
function| apiUrl
function| regex
function| otpRegex
function| phoneSyntax
function| validationInput
string| url
function| subscribe
function| newSubscribe
function| verify
object| __cEl__
function| checkScriptLoaded
object| EmpelloInterface
number| EmpelloBootloaderTime
object| Empello_clicks
object| Empello_errors
object| Empello
object| FingerprintJS

4 Cookies

Domain/Path Name / Value
get-fabulous-content.click/lp/sa/ar/884n6em803 Name: _wCk
Value: ssk633fa2b182b46ff589a7a9b0398060dc
get-fabulous-content.click/ Name: 20d89ea76c20cd27a4d10f410a0fdb41
Value: 20d89ea76c20cd27a4d10f410a0fdb41
get-fabulous-content.click/ Name: _s_ZisSess
Value: 1
get-fabulous-content.click/ Name: xRec1uhdsCookie
Value: 0.5553717645509633

1 Console Messages

Source Level URL
Text
rendering warning URL: https://get-fabulous-content.click/lp/sa/ar/884n6em803/?cid=20d89ea76c20cd27a4d10f410a0fdb41&aff=49&s1=8316&s2=&s3=&s4=&s5=
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040C003F4270000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
