free-gifts.club Open in urlscan Pro
52.89.84.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=How%20to%20crack%20a%20usb%20dongle%20protection...
Effective URL:
https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Submission Tags: falconsandbox
Submission: On December 05 via api (December 5th 2020, 8:45:11 pm UTC) from US

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 23 HTTP transactions. The main IP is 52.89.84.43, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is free-gifts.club.
TLS certificate: Issued by Amazon on November 4th 2020. Valid for: a year.

This is the only time free-gifts.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Orange (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	188.72.236.136 188.72.236.136	35415 (WEBZILLA) (WEBZILLA)
1 2	204.155.145.103 204.155.145.103	40824 (WZCOM-) (WZCOM-)
1 2	99.198.108.198 99.198.108.198	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	52.89.84.43 52.89.84.43	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:303... 2606:4700:3035::ac43:8ae2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	5

1 188.72.236.136 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 1f2-12-d2456-136.webazilla.com

igredownload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.155.145.103 (Dallas, United States) 1 redirects

ASN40824 (WZCOM-, US)
PTR: proven.masterliberty.com

mixupabc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.198.108.198 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

kar.uptoabc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.89.84.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-84-43.us-west-2.compute.amazonaws.com

amzlink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
free-gifts.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3035::ac43:8ae2 (United States)

ASN13335 (CLOUDFLARENET, US)

loadimg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	loadimg.net loadimg.net	230 KB
2	uptoabc.com 1 redirects kar.uptoabc.com	4 KB
2	mixupabc.com 1 redirects mixupabc.com	4 KB
1	free-gifts.club free-gifts.club	6 KB
1	amzlink.net amzlink.net	541 B
1	igredownload.com igredownload.com	6 KB
23	6

	Domain	Requested by
18	loadimg.net	free-gifts.club
2	kar.uptoabc.com	1 redirects
2	mixupabc.com	1 redirects igredownload.com
1	free-gifts.club
1	amzlink.net	kar.uptoabc.com
1	igredownload.com
23	6

This site contains no links.

Subject Issuer	Validity	Valid
igredownload.com Let's Encrypt Authority X3	`2020-10-12` - `2021-01-10`	3 months	crt.sh
mixupabc.com Let's Encrypt Authority X3	`2020-10-13` - `2021-01-11`	3 months	crt.sh
kar.uptoabc.com Let's Encrypt Authority X3	`2020-10-02` - `2020-12-31`	3 months	crt.sh
prizecenter.club Amazon	`2020-11-04` - `2021-12-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-09` - `2021-11-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Frame ID: 34EDCA0312C77DD21737A240CBA36DAE
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=How%20to%20crack%20a%20usb%2... Page URL
https://mixupabc.com/i/4537?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wtUA&nsid=262516 Page URL
https://mixupabc.com/d/4537/1607201094793042-T8N7FU?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wt... HTTP 302
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&c... Page URL
https://kar.uptoabc.com/proc.php?0b48592469624334ea659749076d4e7dd6897294 HTTP 302
https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pi... Page URL
https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

249 kB
Transfer

493 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=How%20to%20crack%20a%20usb%20dongle%20protection&s1=How%20to%20crack%20a%20usb%20dongle%20protection&s2=b20 Page URL
https://mixupabc.com/i/4537?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wtUA&nsid=262516 Page URL
https://mixupabc.com/d/4537/1607201094793042-T8N7FU?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wtUA&nsid=262516 HTTP 302
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409 Page URL
https://kar.uptoabc.com/proc.php?0b48592469624334ea659749076d4e7dd6897294 HTTP 302
https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push Page URL
https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://mixupabc.com/d/4537/1607201094793042-T8N7FU?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wtUA&nsid=262516 HTTP 302
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409

Request Chain 3

https://kar.uptoabc.com/proc.php?0b48592469624334ea659749076d4e7dd6897294 HTTP 302
https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9 Show response
igredownload.com/ 6 KB
6 KB 233ms
164ms Document
text/html 188.72.236.136
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=How%20to%20crack%20a%20usb%20dongle%20protection&s1=How%20to%20crack%20a%20usb%20dongle%20protection&s2=b20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 1f2-12-d2456-136.webazilla.com
Software: nginx/1.18.0 /
Resource Hash: 88ea76bbdbd0959b0ffbab4e5c2d43c0bc340e257b674005c612c8459e80d7da

Request headers

:method: GET
:authority: igredownload.com
:scheme: https
:path: /Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=How%20to%20crack%20a%20usb%20dongle%20protection&s1=How%20to%20crack%20a%20usb%20dongle%20protection&s2=b20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.18.0
date: Sat, 05 Dec 2020 20:44:54 GMT
content-type: text/html; charset=utf-8
set-cookie: bd_context=56egziWpjeLTOrIeOryvMpFU1H30U4WWm1/R7geQgKLIEB07uRwsIxgif723ovtyFdT2Wgu8Fo9nRrKfbq4ZJnbr68IaJv0OW5EwCJS263sAq9eLS7AXk7KS/7boZevrVIGBV2qdsOOS0bTLqkvRJqW95DqZ4sNzcXB22EpPYCUuA05WFBNSaTTO2yr6PKNEasbZwX41RqCcreJfYt/vehRSnj6GhmRudVdl/epBzRuq6uQ/l/E9Tl5kCrD1Rt0w/DkN0DQsOaUOdFwa1b9kk1pq+FLBEFSaeYqghXw0+cwsD7gRGU2I0H/n1BT+LUYN/x19kMgGS1VSdxY=; Expires=Sun, 05 Dec 2021 20:44:54 GMT

GET
H/1.1 200
OK 4537 Show response
mixupabc.com/i/ 15 KB
3 KB 399ms
131ms Document
text/html 204.155.145.103
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL

https://mixupabc.com/i/4537?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wtUA&nsid=262516

Requested by

Host: igredownload.com
URL: https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=How%20to%20crack%20a%20usb%20dongle%20protection&s1=How%20to%20crack%20a%20usb%20dongle%20protection&s2=b20

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.155.145.103 Dallas, United States, ASN40824 (WZCOM-, US),

Reverse DNS

proven.masterliberty.com

Software

nginx-more /

Resource Hash

790f14f304323f21b2dea653ca2233c11a346e4b8382b7edf5f1cf85e3e82689

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Host: mixupabc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://igredownload.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://igredownload.com/

Response headers

Date: Sat, 05 Dec 2020 20:44:55 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: nginx-more
Strict-Transport-Security: max-age=15768000
Content-Encoding: br

GET
H2

200

/ Show response
kar.uptoabc.com/
Redirect Chain

https://mixupabc.com/d/4537/1607201094793042-T8N7FU?&partner_subid=AEbxy190AQQAIT0CAEZSNAASABc9wtUA&nsid=262516
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5...

9 KB
3 KB

349ms
119ms

Document
text/html

99.198.108.198
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.4.10

Resource Hash

9cd268746484b136e50245916af9978c19bced2acab4b42bc6a8f09ca61b6031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: kar.uptoabc.com
:scheme: https
:path: /?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Sat, 05 Dec 2020 20:44:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.10
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=2daad0ec294a04d0dbd0102cb0f484b2; expires=Sun, 05-Dec-2021 20:44:55 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Date: Sat, 05 Dec 2020 20:44:55 GMT
Content-Length: 0
Connection: keep-alive
Location: https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409
Set-Cookie: ird4537=3409; path=/ ifd=[{"c":3409,"i":1,"e":1607287495}]; path=/
Server: nginx-more
Strict-Transport-Security: max-age=15768000

GET
H2

200

visit.php Show response
amzlink.net/
Redirect Chain

https://kar.uptoabc.com/proc.php?0b48592469624334ea659749076d4e7dd6897294
https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push

645 B
541 B

561ms
189ms

Document
text/html

52.89.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push
Requested by: Host: kar.uptoabc.com
URL: https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.84.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-84-43.us-west-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) PHP/5.4.45 / PHP/5.4.45
Resource Hash: 0ae33434c62982389ffcf3b78ca14983a450e579d0b614f9cf16fa41d5a17846

Request headers

:method: GET
:authority: amzlink.net
:scheme: https
:path: /visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&1=MjYyNTE2_4111_4537&isubid=9417d7b73fd5f363293df43620e87b59_1607201095_4537_3409&icid=3409#

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-type: text/html; charset=UTF-8
content-length: 374
server: Apache/2.4.46 (Amazon) PHP/5.4.45
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 05 Dec 2020 20:44:55 GMT
content-type: text/html; charset=UTF-8
location: https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push
x-powered-by: PHP/7.4.10
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 Primary Request prize.php Show response
free-gifts.club/ 25 KB
6 KB 221ms
186ms Document
text/html 52.89.84.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.84.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-84-43.us-west-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) PHP/5.4.45 / PHP/5.4.45
Resource Hash: da3aad7a5c5e6e5e1222937abdce774e3f33caa176d376c5ea4c3b7dfcd1ca56

Request headers

:method: GET
:authority: free-gifts.club
:scheme: https
:path: /prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://amzlink.net/visit.php?s=mon&country=FR&lp=64&cid=M6902876141137166851&partner_id=5761&pid=5761-c597eb70&creative_id=[[creative_id]]&cost=[[cost]]&type=Push

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-type: text/html; charset=UTF-8
content-length: 5901
server: Apache/2.4.46 (Amazon) PHP/5.4.45
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 bootstrap.min.css
loadimg.net/lp/lp64/ 118 KB
18 KB 45ms
21ms Stylesheet
text/css 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loadimg.net/lp/lp64/bootstrap.min.css
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7959110389095f98eddd3d5a690d44a141b744cf35b1ba3d0a9d9f5c1127907

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 03:29:21 GMT
server: cloudflare
age: 2976
etag: W/"1d9cc-5b55ebb8c27bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t2826qn5rEBBLD3VkBtL9w5u%2Bblh4mmsEf5TXNF%2BAVPkmlQsYPbopzimkHzrEtOGbJB2XrgSjhQyLcmE6n%2BL8ydZcgNlZlGlkmTernXPxHMbswOz4SkLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fd09ba6fd2b2c4a-FRA
cf-request-id: 06d63f9c5a00002c4a8b80a000000001

GET
H2 200 bundle_fr.css
loadimg.net/lp/lp64/ 29 KB
6 KB 44ms
20ms Stylesheet
text/css 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loadimg.net/lp/lp64/bundle_fr.css
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0b3a1878354eff02038232899e6156500765dca7b08f4acf71299771e77a0e

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2976
cf-polished: origSize=42468
cf-request-id: 06d63f9c5a00002c4ab2a46000000001
last-modified: Tue, 01 Dec 2020 03:29:22 GMT
server: cloudflare
etag: W/"a5e4-5b55ebb936b1f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mvkTwpCiVywTeSiE0nhdt3z%2F5n4xG4BpHSx78%2FfMV83MmtbYA%2B%2BvRg6dQCRMoo%2FimPq6MKCE6KacizXVzVu2KNp7kLuNpP1NKc5Pl96lsUHZ5bMEIeKuNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5fd09ba6fd2d2c4a-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
loadimg.net/lp/lp64/ 85 KB
29 KB 46ms
22ms Script
text/javascript 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loadimg.net/lp/lp64/jquery.min.js
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 03:29:27 GMT
server: cloudflare
age: 2976
etag: W/"1538e-5b55ebbe7c4d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MJaHtL4R45ycww0gzxPkyrmZyqnXEit4PYrNkMXpa4n4O9uoQ2iB%2FlcuiWLckskK72VChNLju344CKZofAvkCXDlrsx7%2FSSw%2FkMxwwvhudF40a5wn6MkbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fd09ba6fd2f2c4a-FRA
cf-request-id: 06d63f9c5a00002c4ad1a99000000001

GET
H2 200 orange-l.png
loadimg.net/lp/lp64/ 4 KB
4 KB 14ms
9ms Image
image/png 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/orange-l.png
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ad1c1b744feae33937df055beb7d684b4d89c677fb9ced258b7d0d760c3390

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2976
content-length: 3599
cf-request-id: 06d63f9c8200002c4ac9924000000001
last-modified: Tue, 01 Dec 2020 03:29:29 GMT
server: cloudflare
etag: "e0f-5b55ebc00ea58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KlE6IWUV%2FpzKXOqKaDf%2BtLrxqAJGgRdtKguFEDGt%2F3mPSwMj6OmBap5rH5eZwY1BoarUy2%2FSOvAvMzdNxSND9Zus5nZDUyrotn8uFhZnwvC65doL8QF%2Fqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc02c4a-FRA

GET
H2 200 orange-line.png
loadimg.net/lp/lp64/ 3 KB
4 KB 25ms
20ms Image
image/png 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/orange-line.png
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9781f45dc83209f59742326b27b9577db20831cd706ec722cc32131ca6a80353

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2976
content-length: 3546
cf-request-id: 06d63f9c8200002c4a6c306000000001
last-modified: Tue, 01 Dec 2020 03:29:29 GMT
server: cloudflare
etag: "dda-5b55ebc04a377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HV1Vu8Bf2WcmQDtRDeyEx55FhchfgdMuKmVSY%2FgM%2FPDMbyDyP1s4%2FO1Gq6KomKnX%2BC%2FKEhXtzvrZU5gd7hkWW230nvWGwXIewdoDqsnrELEQOeEsXxXLtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc22c4a-FRA

GET
H2 200 bootstrap.js Show response
loadimg.net/lp/lp64/ 36 KB
10 KB 15ms
15ms Script
text/javascript 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loadimg.net/lp/lp64/bootstrap.js
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15452215292be6e06c2055e5f85a4d82fe5778480b6e0ce3c70ebba2dd6a28b

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2976
cf-polished: origSize=37045
cf-request-id: 06d63f9c7400002c4a9e8ae000000001
last-modified: Tue, 01 Dec 2020 03:29:21 GMT
server: cloudflare
etag: W/"90b5-5b55ebb88fb3f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=trijg8BG3S3NnWEoyu7t3ddickz5rcqiVR%2BKEPyAm718Lx%2BPLvTnbAclK2w3YVF%2FsJpfmU75Fg5iGOtNy7kqMrgSVLU2KeFwBYB8LovTPnpKjOQm78GFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 5fd09ba71d832c4a-FRA
cf-bgj: minify

GET
H2 200 iPhone11Pro.jpg
loadimg.net/lp/lp64/ 5 KB
5 KB 24ms
19ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/iPhone11Pro.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e5712cb5c1e26662855677ea59bba0b207887593519b7c73bc84475ca4c4880

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 4909
cf-request-id: 06d63f9c8300002c4ab19c2000000001
last-modified: Tue, 01 Dec 2020 03:29:26 GMT
server: cloudflare
etag: "132d-5b55ebbd3a09a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KdPMx8fmDKb8OkJhiAbp3IMkYArV5sSCNh1CE1OLul5ntsm4fj8lCW2iuVoWVJHpYXPkxabbzyLUDHEO3vQRjDss%2F9%2Fy6M3a9c%2BRVz%2FZ5zRqQu1zIoGnng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc32c4a-FRA

GET
H2 200 iphone12pro.png
loadimg.net/lp/lp64/ 33 KB
34 KB 22ms
18ms Image
image/png 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/iphone12pro.png
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edee6484d27a486a7a2bed1e7bb704c0d67efff381ebdf1fca85a3fe4d1d85ac

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 34209
cf-request-id: 06d63f9c8300002c4aa5b0e000000001
last-modified: Tue, 01 Dec 2020 03:29:27 GMT
server: cloudflare
etag: "85a1-5b55ebbe3cd39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m8f2pkmaOodcXlkP%2FnBNmv1%2B%2BKy%2BkNLkkh8vUf1IhecPc1X4aqDkiD1mERpu8plJG1%2FW6l%2BzKbXYb8BqMzB4pBDOhbBfAs%2BZoQWdacCJSUKmjDUs7cdANg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc42c4a-FRA

GET
H2 200 s20.png
loadimg.net/lp/lp64/ 60 KB
61 KB 17ms
13ms Image
image/png 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/s20.png
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172e225d2ed5a1c47e12e6fb4ac7f14a724983fe8abbf047c9cfb0fb0428e35b

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 61699
cf-request-id: 06d63f9c8300002c4ac4290000000001
last-modified: Tue, 01 Dec 2020 03:29:30 GMT
server: cloudflare
etag: "f103-5b55ebc183b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gj8%2FFHpa%2B6SwKTgxMSc6m4dRC48ESCZuo%2FINQPPoa7y%2B7QW3AhqWsT7G6JP04TcOUNgeKk2xjPghVcA9zTi0hqn%2BZ8IalM%2B%2BrRaGql1clguC7mMaHZWBgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc52c4a-FRA

GET
H2 200 facefr1.jpg
loadimg.net/lp/lp64/ 8 KB
9 KB 14ms
10ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/facefr1.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499175a98fdc121418bb1f6376bcebe88a18b6c1de8aa078e608cc8a3c134bff

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 8524
cf-request-id: 06d63f9c8300002c4a9e8b0000000001
last-modified: Tue, 01 Dec 2020 03:29:22 GMT
server: cloudflare
etag: "214c-5b55ebb9d7d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AiiMxSKoMsNtoe47LGkt%2FizByaZtl6uSGUCbKJjtl%2BmTbEsDMLnBQrE%2BRigO%2BmLejkLFxUPOIavLcMKfmdcdABtIbEja1NSNBuVZk8%2F3a9FG7jDlWDbdlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc62c4a-FRA

GET
H2 200 facefr2.jpg
loadimg.net/lp/lp64/ 10 KB
10 KB 20ms
17ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/facefr2.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c1b31eca7945eededcc831b27b321d64348e06ed68b076e46b0c350fb8d5a4

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 9757
cf-request-id: 06d63f9c8300002c4a882a1000000001
last-modified: Tue, 01 Dec 2020 03:29:22 GMT
server: cloudflare
etag: "261d-5b55ebb9fee3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hk51izgj5Z7wN3j%2FyUdN26TD75SLRTz4CjAhI5J7wPijPHLLd1TUj2s%2BqQcZ%2BHdKQBYmsegaDfWPv8m%2FDalaehhQ%2F%2BdbgbWnfdBx9PxBlMIQv6HcY6YDPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dc82c4a-FRA

GET
H2 200 facefr3.jpg
loadimg.net/lp/lp64/ 9 KB
10 KB 23ms
19ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/facefr3.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f7ca2744784d6ab870204186c251b4b9a092c63f2afc997439f384537809c5

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 9583
cf-request-id: 06d63f9c8400002c4a64341000000001
last-modified: Tue, 01 Dec 2020 03:29:23 GMT
server: cloudflare
etag: "256f-5b55ebba750dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RzGgp%2BaYa4Igat6PYU0tZbm9%2FhMfhEUOriozLEKRxhzBT5E3AyF9IocvO%2FDU3Kj9vwUHZ7Qqlmfl36uGerg6uxnMY9MzeHKLCcJBRy3HOelhB70Q3bCVEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dcd2c4a-FRA

GET
H2 200 facefr4.jpg
loadimg.net/lp/lp64/ 9 KB
9 KB 19ms
16ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/facefr4.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31da977422a452c01ba8b24e8dda1658ebf71b5dff03e7f643d129d2cb989108

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 9037
cf-request-id: 06d63f9c8400002c4a770e0000000001
last-modified: Tue, 01 Dec 2020 03:29:23 GMT
server: cloudflare
etag: "234d-5b55ebba9d17d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yxZ0UEfh8jqgTeMy4exUVRsGx%2B%2BBnqFwFGAVo8uWPbKuBFa%2FUjsh1zi0lFAcytwoA1RY%2FUFLF7RIu1XlVt4hboIUU1nHLHGbHg5U0DM4anHKGg%2FbZG2Tww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dce2c4a-FRA

GET
H2 200 facefr5.jpg
loadimg.net/lp/lp64/ 8 KB
8 KB 23ms
20ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/facefr5.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df91cd843f42ad524624c097d0553ec4cb46a871d28b2e537f361f393a7cc127

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 7971
cf-request-id: 06d63f9c8400002c4ad1a9c000000001
last-modified: Tue, 01 Dec 2020 03:29:24 GMT
server: cloudflare
etag: "1f23-5b55ebbb0f59d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FKWrLhQUddin2ljkrc8y0aHpLdDiVr%2Fr1XnWkuPZ5vNk%2FsIRRUGSvf7CdqP3lVzr8fktPmR4EXL71QgOa0foCf7Q0jvFD%2Bp0a04HpPhNROV9dl2IGa9y0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dd02c4a-FRA

GET
H2 200 facefr6.jpg
loadimg.net/lp/lp64/ 7 KB
7 KB 21ms
18ms Image
image/jpeg 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/facefr6.jpg
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d300e20890903b0cd0fb8634406fd9f71929ce0a1891d7a942310ce88273216

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 6997
cf-request-id: 06d63f9c8400002c4ab5aa0000000001
last-modified: Tue, 01 Dec 2020 03:29:24 GMT
server: cloudflare
etag: "1b55-5b55ebbb337bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BBBREzDXM8VJ5a%2FCSplRKrga14wzEPhvGt%2FHOjUb5FNVSGkDCU0qX9ASOII5jfvRr6qBwBZCUdjnc2S7HbNFjd5UkMcnQcIy6xlaiZcBuXeTdVenE2T1CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dd12c4a-FRA

GET
H2 200 rta.gif
loadimg.net/lp/lp64/ 2 KB
2 KB 21ms
19ms Image
image/gif 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/rta.gif
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 1874
cf-request-id: 06d63f9c8400002c4a6f2e8000000001
last-modified: Tue, 01 Dec 2020 03:29:30 GMT
server: cloudflare
etag: "752-5b55ebc145316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MQufTHk5zDpSgqZa4gtNrsB7uhkcGuUFAxOg1BTXk%2BbAWs5UKaX0VfMippt1Z47VSbbRdRp8p8FlVRcOhvjPUD3wKlDAmSCpbcqxoFnBZ2E0FdkagDUHYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dd22c4a-FRA

GET
H2 200 or-ico.png
loadimg.net/lp/lp64/ 1 KB
2 KB 14ms
12ms Image
image/png 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadimg.net/lp/lp64/or-ico.png
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f0078598b57b6b905078c2ac3b0bb2965d72a93c950aaac7ba88505c4e62dee

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2975
content-length: 1371
cf-request-id: 06d63f9c8400002c4a7421c000000001
last-modified: Tue, 01 Dec 2020 03:29:28 GMT
server: cloudflare
etag: "55b-5b55ebbfb1df8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4F%2FPRfZ8WuMoSOjdfc5vVOlFRJGMpgHmhG5YJDIuh32T7ZcKlG1grAN%2F0MkzBX1PMCVuQX2i6BWiHeg7ueaFNsprdUdDRRe8Qq%2BZXsRoER8tbx%2BIovv8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fd09ba73dd32c4a-FRA

GET
H2 200 bundle_oranges.js Show response
loadimg.net/lp/lp64/ 11 KB
3 KB 16ms
15ms Script
text/javascript 2606:4700:3035::ac43:8ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loadimg.net/lp/lp64/bundle_oranges.js
Requested by: Host: free-gifts.club
URL: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23477ed93370f664e4865d19c6f13f6fd57f408208a63a3fa17c78164cce707a

Request headers

Referer: https://free-gifts.club/prize.php?id=134475&uid=1&country=FR&lp=64&source_id=1&os=Apple
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 20:44:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2976
cf-polished: origSize=19756
cf-request-id: 06d63f9c7600002c4aa892e000000001
last-modified: Tue, 01 Dec 2020 03:29:22 GMT
server: cloudflare
etag: W/"4d2c-5b55ebb96591e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NSQrX5gTvhvIO26hK%2FtQAaM%2B%2FiRIp3DvZua95E%2BMgrjva3XHa3COFAp3Z3NeZccaHT9gYAkkzW46sITeT41tVdQh8jGi9f1uBuiEn6fGkPBIj2BtfOZqpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 5fd09ba72d902c4a-FRA
cf-bgj: minify

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Orange (Telecommunication)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amzlink.net
free-gifts.club
igredownload.com
kar.uptoabc.com
loadimg.net
mixupabc.com
188.72.236.136
204.155.145.103
2606:4700:3035::ac43:8ae2
52.89.84.43
99.198.108.198
06ad1c1b744feae33937df055beb7d684b4d89c677fb9ced258b7d0d760c3390
0ae33434c62982389ffcf3b78ca14983a450e579d0b614f9cf16fa41d5a17846
0d300e20890903b0cd0fb8634406fd9f71929ce0a1891d7a942310ce88273216
172e225d2ed5a1c47e12e6fb4ac7f14a724983fe8abbf047c9cfb0fb0428e35b
1e5712cb5c1e26662855677ea59bba0b207887593519b7c73bc84475ca4c4880
1f0078598b57b6b905078c2ac3b0bb2965d72a93c950aaac7ba88505c4e62dee
21c1b31eca7945eededcc831b27b321d64348e06ed68b076e46b0c350fb8d5a4
23477ed93370f664e4865d19c6f13f6fd57f408208a63a3fa17c78164cce707a
31da977422a452c01ba8b24e8dda1658ebf71b5dff03e7f643d129d2cb989108
36f7ca2744784d6ab870204186c251b4b9a092c63f2afc997439f384537809c5
4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5
499175a98fdc121418bb1f6376bcebe88a18b6c1de8aa078e608cc8a3c134bff
790f14f304323f21b2dea653ca2233c11a346e4b8382b7edf5f1cf85e3e82689
88ea76bbdbd0959b0ffbab4e5c2d43c0bc340e257b674005c612c8459e80d7da
9781f45dc83209f59742326b27b9577db20831cd706ec722cc32131ca6a80353
9b0b3a1878354eff02038232899e6156500765dca7b08f4acf71299771e77a0e
9cd268746484b136e50245916af9978c19bced2acab4b42bc6a8f09ca61b6031
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
b15452215292be6e06c2055e5f85a4d82fe5778480b6e0ce3c70ebba2dd6a28b
b7959110389095f98eddd3d5a690d44a141b744cf35b1ba3d0a9d9f5c1127907
da3aad7a5c5e6e5e1222937abdce774e3f33caa176d376c5ea4c3b7dfcd1ca56
df91cd843f42ad524624c097d0553ec4cb46a871d28b2e537f361f393a7cc127
edee6484d27a486a7a2bed1e7bb704c0d67efff381ebdf1fca85a3fe4d1d85ac

free-gifts.club Open in urlscan Pro 52.89.84.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

20 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

249 kBTransfer

493 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

0 Cookies

Indicators

free-gifts.club Open in urlscan Pro
52.89.84.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

249 kB
Transfer

493 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!