Submitted URL: https://www.c7wbclk.com/2GXK7W/5X8MZTP/?Sub2=[affid]_[subid1]&Sub1=[trackid]
Effective URL: https://www.heingiftdec.com/o/17661785404e48e486
Submission: On June 03 via manual from NL — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 172.67.187.54, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heingiftdec.com.
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time www.heingiftdec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.160.222.255 15169 (GOOGLE)
2 2 188.114.96.3 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 188.114.97.3 13335 (CLOUDFLAR...)
16 172.67.187.54 13335 (CLOUDFLAR...)
1 172.217.18.4 15169 (GOOGLE)
19 3
Apex Domain | Subdomains | Transfer
16 heingiftdec.com | www.heingiftdec.com | 115 KB
3 trkinthejun.com | trk.trkinthejun.com | 2 KB
2 c7wbclk.com | www.c7wbclk.com | 807 B
1 google.com | www.google.com — Cisco Umbrella Rank: 7 |
1 trackaugust.com | www.trackaugust.com | 2 KB
1 zebratrk.com | www.zebratrk.com | 619 B
19 6
Domain Requested by
16 www.heingiftdec.com www.trackaugust.com
www.heingiftdec.com
3 trk.trkinthejun.com 2 redirects
2 www.c7wbclk.com 2 redirects
1 www.google.com www.heingiftdec.com
1 www.trackaugust.com
1 www.zebratrk.com 1 redirects
19 6

This site contains no links.

Subject | Issuer | Validity | Valid
trackaugust.com | GTS CA 1P5 | 2024-05-20 - 2024-08-18 | 3 months | crt.sh
heingiftdec.com | GTS CA 1P5 | 2024-04-16 - 2024-07-15 | 3 months | crt.sh
*.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months | crt.sh
trkinthejun.com | GTS CA 1P5 | 2024-04-17 - 2024-07-16 | 3 months | crt.sh

This page contains 2 frames:

Primary Page: https://www.heingiftdec.com/o/17661785404e48e486
Frame ID: 10BA3AD19D924F36E3CAB2AAD6985DCC
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/
Frame ID: 535A1EC115DEED7951895C3A962A9290
Requests: 1 HTTP requests in this frame

Page Title

Registration - My Profile

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

3
IPs

2
Countries

117 kB
Transfer

327 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.c7wbclk.com/2GXK7W/5X8MZTP/?Sub2=[affid]_[subid1]&Sub1=[trackid] HTTP 302
    https://www.c7wbclk.com/2GXK7W/6WKSQD8/?__ptid=38c5edccea49480dada772fd7b35b073&sub1=%5Btrackid%5D&sub2=%5Baffid%5D_%5Bsubid1%5D&sub3=&sub4=&sub5=&source_id= HTTP 302
    http://www.zebratrk.com/index.php?offer_id=1153&aff_id=1063&aff_sub1=f9a33b402cb54e8a995c53e394d39b46&aff_sub2=33_&aff_sub4= HTTP 307
    https://www.zebratrk.com/index.php?offer_id=1153&aff_id=1063&aff_sub1=f9a33b402cb54e8a995c53e394d39b46&aff_sub2=33_&aff_sub4= HTTP 302
    https://trk.trkinthejun.com/cwv8l4k.php?key=nhob6ykoqh1ocx9fm6p2&clickid=2O0AybQhPiOX19eZ000ST3nFK0hiB1&sub1=1063&sub2=1153&sub3=33_&sub4=&sub5=&sub6=f9a33b402cb54e8a995c53e394d39b46 HTTP 302
    https://www.trackaugust.com/o/kg4fc1lbf5pk6h/17661785404e48e486?ts=44&campaign=400201&clickid=28ccaus52myej1bb&sub1=1063&sub2=1153&sub3=33_&sub4=Unknown&sub5=Unknown&sub6=f9a33b402cb54e8a995c53e394d39b46&sub7={t7}&sub8={t8}&sub9={t9}&sub10={t10}&uclick=us52myej&uclickhash=us52myej-us52myej-xoa2a1-0-fnib0-q58wa8-q58wa6-859f91 Page URL
  2. https://www.heingiftdec.com/o/17661785404e48e486 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.c7wbclk.com/2GXK7W/5X8MZTP/?Sub2=[affid]_[subid1]&Sub1=[trackid] HTTP 302
  • https://www.c7wbclk.com/2GXK7W/6WKSQD8/?__ptid=38c5edccea49480dada772fd7b35b073&sub1=%5Btrackid%5D&sub2=%5Baffid%5D_%5Bsubid1%5D&sub3=&sub4=&sub5=&source_id= HTTP 302
  • http://www.zebratrk.com/index.php?offer_id=1153&aff_id=1063&aff_sub1=f9a33b402cb54e8a995c53e394d39b46&aff_sub2=33_&aff_sub4= HTTP 307
  • https://www.zebratrk.com/index.php?offer_id=1153&aff_id=1063&aff_sub1=f9a33b402cb54e8a995c53e394d39b46&aff_sub2=33_&aff_sub4= HTTP 302
  • https://trk.trkinthejun.com/cwv8l4k.php?key=nhob6ykoqh1ocx9fm6p2&clickid=2O0AybQhPiOX19eZ000ST3nFK0hiB1&sub1=1063&sub2=1153&sub3=33_&sub4=&sub5=&sub6=f9a33b402cb54e8a995c53e394d39b46 HTTP 302
  • https://www.trackaugust.com/o/kg4fc1lbf5pk6h/17661785404e48e486?ts=44&campaign=400201&clickid=28ccaus52myej1bb&sub1=1063&sub2=1153&sub3=33_&sub4=Unknown&sub5=Unknown&sub6=f9a33b402cb54e8a995c53e394d39b46&sub7={t7}&sub8={t8}&sub9={t9}&sub10={t10}&uclick=us52myej&uclickhash=us52myej-us52myej-xoa2a1-0-fnib0-q58wa8-q58wa6-859f91
Request Chain 15
  • https://trk.trkinthejun.com/cwv8l4k.php?lp=1&to_offer=1&uclick=us52myb4 HTTP 302
  • https://www.google.com/

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
17661785404e48e486
www.trackaugust.com/o/kg4fc1lbf5pk6h/
Redirect Chain
  • https://www.c7wbclk.com/2GXK7W/5X8MZTP/?Sub2=[affid]_[subid1]&Sub1=[trackid]
  • https://www.c7wbclk.com/2GXK7W/6WKSQD8/?__ptid=38c5edccea49480dada772fd7b35b073&sub1=%5Btrackid%5D&sub2=%5Baffid%5D_%5Bsubid1%5D&sub3=&sub4=&sub5=&source_id=
  • http://www.zebratrk.com/index.php?offer_id=1153&aff_id=1063&aff_sub1=f9a33b402cb54e8a995c53e394d39b46&aff_sub2=33_&aff_sub4=
  • https://www.zebratrk.com/index.php?offer_id=1153&aff_id=1063&aff_sub1=f9a33b402cb54e8a995c53e394d39b46&aff_sub2=33_&aff_sub4=
  • https://trk.trkinthejun.com/cwv8l4k.php?key=nhob6ykoqh1ocx9fm6p2&clickid=2O0AybQhPiOX19eZ000ST3nFK0hiB1&sub1=1063&sub2=1153&sub3=33_&sub4=&sub5=&sub6=f9a33b402cb54e8a995c53e394d39b46
  • https://www.trackaugust.com/o/kg4fc1lbf5pk6h/17661785404e48e486?ts=44&campaign=400201&clickid=28ccaus52myej1bb&sub1=1063&sub2=1153&sub3=33_&sub4=Unknown&sub5=Unknown&sub6=f9a33b402cb54e8a995c53e394...
3 KB
2 KB
Document
General
Full URL
https://www.trackaugust.com/o/kg4fc1lbf5pk6h/17661785404e48e486?ts=44&campaign=400201&clickid=28ccaus52myej1bb&sub1=1063&sub2=1153&sub3=33_&sub4=Unknown&sub5=Unknown&sub6=f9a33b402cb54e8a995c53e394d39b46&sub7={t7}&sub8={t8}&sub9={t9}&sub10={t10}&uclick=us52myej&uclickhash=us52myej-us52myej-xoa2a1-0-fnib0-q58wa8-q58wa6-859f91
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88de6e883a3665b0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Jun 2024 08:49:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mL83yCq%2BXsKbhlbIb1iJOuyze53qV%2FpeS0ESJx2vEP%2FBRUYaJMJKd1s%2BJjsZ3rpRswGDANTGuuDPAx%2BVlrOW2qGN7%2FHi5wdT6zllEq0Nk4haZ2oKo%2Fxzo9eZQdOdH8%2BdWGBgeC2Q"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88de6e855c52913d-FRA
content-type
text/html; charset=UTF-8
date
Mon, 03 Jun 2024 08:49:46 GMT
location
https://www.trackaugust.com/o/kg4fc1lbf5pk6h/17661785404e48e486?ts=44&campaign=400201&clickid=28ccaus52myej1bb&sub1=1063&sub2=1153&sub3=33_&sub4=Unknown&sub5=Unknown&sub6=f9a33b402cb54e8a995c53e394d39b46&sub7={t7}&sub8={t8}&sub9={t9}&sub10={t10}&uclick=us52myej&uclickhash=us52myej-us52myej-xoa2a1-0-fnib0-q58wa8-q58wa6-859f91
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiCADyqCV6FalsNhPkd3oTgUO3tcxEru2%2FPaDSry2kQeBP5n%2F4sli4ZbL9IPG4CTSNXdMohSu4Wrjnqw4cxfjRqVOsWol3ei3SfS53gvMdOEKnWxGtQCbC5CcnWEjxQL8I7xtl8%2BSJ8E0GoXr2SBJ6C2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request 17661785404e48e486
www.heingiftdec.com/o/
49 KB
9 KB
Document
General
Full URL
https://www.heingiftdec.com/o/17661785404e48e486
Requested by
Host: www.trackaugust.com
URL: https://www.trackaugust.com/o/kg4fc1lbf5pk6h/17661785404e48e486?ts=44&campaign=400201&clickid=28ccaus52myej1bb&sub1=1063&sub2=1153&sub3=33_&sub4=Unknown&sub5=Unknown&sub6=f9a33b402cb54e8a995c53e394d39b46&sub7={t7}&sub8={t8}&sub9={t9}&sub10={t10}&uclick=us52myej&uclickhash=us52myej-us52myej-xoa2a1-0-fnib0-q58wa8-q58wa6-859f91
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f25b7b9f09cfd9ae992dd3a7875272afce922be911c77f82d0c4ac036b09393

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.trackaugust.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88de6e8bbfa33a74-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Jun 2024 08:49:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIvi6Mqg6uUt2h0lAzQuhbhU4Qy%2BxD1OW2Wv%2FBpswTpvVtgPCcMl0xnMl68iL2jjyPKRf5fZ2mXB3w9HL6EOHMmm%2B%2BbJBZDrEEkW9YQClrfIHj1S2lYBzvWgw1mNOf7JVBqNLHON"}],"group":"cf-nel","max_age":604800}
server
cloudflare
index.min.css
www.heingiftdec.com/static/css/dbyyawlw/registration/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/dbyyawlw/registration/index.min.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d4a4b919a4754ea19693b0c5659ed5145d40515154ecb83801397a82dc11615

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 11 Jan 2023 09:53:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ClqRpD3%2Fi%2BVxVigw5TmYYwyNegbLWQZGAnTKSgMfB6Wr0cCXiwl3x%2FLapr0jcZlBLMlaS2OiZHzrVuglmC%2B4HBtVed%2FYURQsLRylmueU8TSAOzvXsaqn9MlFl25z4R5CD69OibO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa6b3a74-FRA
alt-svc
h3=":443"; ma=86400
axios.min.js
www.heingiftdec.com/static/js/
21 KB
9 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/axios.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb9575ff86d9b7fadf3a95a8b79b17ac7d86fb11d099350691b03a197532856

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 20 Jul 2022 07:27:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBJHTw7TRXvAu2ajW3qpOZT9JoHOnqeBwTeeKcEtc%2Fz%2BdqvDzrv44cpQnZ47wUYWduKZoxqzUmnepOuUae80klx%2BXV9oBQ05F3uYKIlSuYRodD7cqZAm9Bxxi3mzqFBojGIq7arm"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa6e3a74-FRA
alt-svc
h3=":443"; ma=86400
config.min.js
www.heingiftdec.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/config.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd81fee7556209d13ec49fe2cb3832ed19227491fd303e8aeaacbea7ceaf07fe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 02 Dec 2022 03:35:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjoWjq6jp9mSpCxjKnrnkW91Mu8dCOQSzg1CHanxGE02bIl87DW0aogxl%2FU0QIFESUPydO5WnNJ%2F0qqdJZfeq1paTgkFMb6jTLD4BvQrkamd50bzdgFe6CBV5kKzQ%2BHJTDSmbCtY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa703a74-FRA
alt-svc
h3=":443"; ma=86400
event_1.min.js
www.heingiftdec.com/static/js/
680 B
769 B
Script
General
Full URL
https://www.heingiftdec.com/static/js/event_1.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c091f78cf544069c205b85a85e97c4385e699d05e7cfa1dbd811e4526b04b5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 08 Sep 2022 10:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDlLWRsRoqQJNLQBTI19ckf9w53qHZcxXUOwg5qOgE6hUi%2B%2FT2Yp%2Fzm1n2szTZuB59QxNMf3kiC1J1tz0uu3%2FtOYcAWVETLpowfoIRDT31KRDLB47CBXhpBAOkHAaygZTt5sWsi0"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa713a74-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
www.heingiftdec.com/static/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/jquery/jquery-3.6.0.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Sep 2022 06:37:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VyVT4uXArc6EUL2dNIDEzuCawsfNtBWlSkA6LoSK51UyMyYudzT3ehDCOBldA%2Fn9Y8EPRQBXIDGgtg8qFbas8ze3EfCuSE%2BA%2F06hBndwIpMD2mowbqcBxialBK6BuC8VSkyvp%2FT"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa723a74-FRA
alt-svc
h3=":443"; ma=86400
jquery.qtip.min.css
www.heingiftdec.com/static/css/libs/jquery/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/libs/jquery/jquery.qtip.min.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a96f15487ccc31484e0c61f6aeaaad720df349b834201721dcbc35a2cfb8800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 09 Oct 2022 10:33:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRcKpVbw%2BQxFstVwJg1qDGXHlxfFfv5X2GdSQg3sreYDNH%2BF1IVxBmmBxofI2j%2FWwIbYK34dlAntS3kQJvB%2BwuCR9n4%2FyY7SyEOn6e5ssDEIvMrVXrnnudRlKdvoLzglV8InrZ7%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa733a74-FRA
alt-svc
h3=":443"; ma=86400
index.css
www.heingiftdec.com/static/css/libs/parsley/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.heingiftdec.com/static/css/libs/parsley/index.css
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ab226e02dd62bd348bf3b84b2ae5312d0dfdfb6db43898180933444a04966

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 02 Nov 2022 08:36:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iz7JVwFvd6yd5zfFdhtdrlT4zAiMX0Qsc9%2BRje540YLV9Yii73MVv74fm4iHVbTt%2FivS8ZsD4qpyJrOVOwknCVyDnHe9myHHoD8IJGylu7sdpl9ziDAHlOTLA7hlk2S1wyaSH7l%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e8dfa743a74-FRA
alt-svc
h3=":443"; ma=86400
mcLogo.png
www.heingiftdec.com/static/img/dbyyawlw/registration/
482 B
917 B
Image
General
Full URL
https://www.heingiftdec.com/static/img/dbyyawlw/registration/mcLogo.png
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95349c6f3503f11ca77c6ffc0da91693a0fb4fff2c1d2f08af08ba4949c66097

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 09:53:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcAL9nNQnNqglDhLlclEvl%2B1FRFb3cRoNkY9Rnmo639REcADngWE3uUNZEZjAYeEx1jVL3xzSvPJfr1ahSbpIzzN4IIEzj6ASkUbmLvec92Y2E1w63OGz9GH1lq78zliSgzIC4%2BP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88de6e8dfa773a74-FRA
alt-svc
h3=":443"; ma=86400
content-length
482
visaLogo.png
www.heingiftdec.com/static/img/dbyyawlw/registration/
457 B
893 B
Image
General
Full URL
https://www.heingiftdec.com/static/img/dbyyawlw/registration/visaLogo.png
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89d94cb28c883da11b2bbead30155d33527ee85e67c0b3097ca94a60e046c028

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 09:53:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XhvmMoe1UOBTOKrElp3YZReQDMCe95wGqqMgm%2BIVCCKDxQyRiCFIEGb1bbnZYUzJbZy1MzaD2hxipRrzMlzGcT%2BDHTCIqnidp5iBpeEufI7QBpaDgbVvptyS8mzPBvMD83YJszC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88de6e8dfa7a3a74-FRA
alt-svc
h3=":443"; ma=86400
content-length
457
header-rgt.png
www.heingiftdec.com/static/img/dbyyawlw/registration/
4 KB
5 KB
Image
General
Full URL
https://www.heingiftdec.com/static/img/dbyyawlw/registration/header-rgt.png
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372accf9c0be754c3547a11739b2772d5a8f5528c0aa96aed2f5021e00fb8c49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 09:53:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tz%2Fr%2FFb3UcelqfucM1K3jdtc0D5ckbWSEX32aqk7zrbKtAJ5wmENl1feySHpsEwGR5yHalJ6aYFBmK%2F3az2z1kiRKSBcVly3Rp1ujylrBqhWTfHqjtNWs8weBM5NzhBad1DEYrkj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88de6e902cbc3a74-FRA
alt-svc
h3=":443"; ma=86400
content-length
4345
verified.png
www.heingiftdec.com/static/img/dbyyawlw/registration/
19 KB
19 KB
Image
General
Full URL
https://www.heingiftdec.com/static/img/dbyyawlw/registration/verified.png
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21a5f429a228c8229bda3a2806035627e4648d08f318bcca385480154f52b65e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:48 GMT
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 09:53:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3P1sdTH5u50c3P41X0gL2P7Uc6D2EMqDxDr2nCWH2%2FwspekzPAuew3i%2Fd5%2Bhq9h5UhK%2FjnJMgBDHA4cxc8Jvu85BjN%2BJMt7ySWNkfhUUm5tOmN1SLb50V4JUZpsFzSmAlkP%2Frzd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88de6e905cfa3a74-FRA
alt-svc
h3=":443"; ma=86400
content-length
19217
parsley.js
www.heingiftdec.com/static/js/parsley/
93 KB
25 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/parsley/parsley.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4149e7ab26148bf5af37d8c2e0eec0337e549f8e715164b23333b7e1209542

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 08 Sep 2022 10:10:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJJbKQxuVmSxEu%2F0BNhUucl2EE3I7UL9W4TQ5O%2Bz18jCkG0j79fpHwV8m7pTgIB6NyoWlD%2FeBk05Hfwpq%2BQgFWL8JrN%2F7uzEdt5j1j%2Fqwj%2FXdxDCKjrUFuoP40iuo99tv76YNNkU"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e906d1c3a74-FRA
alt-svc
h3=":443"; ma=86400
validate_card.min.js
www.heingiftdec.com/static/js/parsley/
10 KB
3 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/parsley/validate_card.min.js
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a272ef2e37bbbb9be3f5d2a05bfa6d2f1311f0b4bf6cdbaf7eba48bb9a5e9bb5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Oct 2022 07:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpR4QDv42wEPLZzAQgJMC9wDcFRO8I%2BtVdsrQbVaeuHLbQOsh2BAOf7MxuYMNtPrfMbSx3egZDTPVigETpBk3xF5RfEbs9bhGIsj10qUCK4E99KCs7DneA0JvdtqblD2IhPJ9HIj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e906d1f3a74-FRA
alt-svc
h3=":443"; ma=86400
validate.min.js
www.heingiftdec.com/static/js/parsley/
8 KB
3 KB
Script
General
Full URL
https://www.heingiftdec.com/static/js/parsley/validate.min.js?v=2
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68423a683e4688bf6386f00694ea562d7522eff56de13932321550cacbe914d4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 16 Aug 2023 07:38:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SaBgXWEB0XwC47u5%2FGrTzrjWTjJPhkoBF5fXdrOAAedN1c4LbJyUZMCZC%2BAXQi2ou14i2%2B5D5w3zk1v%2BtXvRogAgu1jYF5NGXh9Q2DlPg6RkJtnXLmnJKczEWk4lBLnsF10Qcrw"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e906d223a74-FRA
alt-svc
h3=":443"; ma=86400
/
www.google.com/ Frame 535A
Redirect Chain
  • https://trk.trkinthejun.com/cwv8l4k.php?lp=1&to_offer=1&uclick=us52myb4
  • https://www.google.com/
0
0
Document
General
Full URL
https://www.google.com/
Requested by
Host: www.heingiftdec.com
URL: https://www.heingiftdec.com/o/17661785404e48e486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.heingiftdec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
77965
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-lZPN19JWe9lBQNKeXhrBSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 03 Jun 2024 08:49:48 GMT
expires
-1
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88de6e92ea0c90ec-FRA
content-type
text/html; charset=UTF-8
date
Mon, 03 Jun 2024 08:49:48 GMT
location
https://www.google.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgubCKfJQxOxUHLCOgPerTwJaV0RWJc2qDLM6cmtv%2BUf65eCIYiKcTAcTUVGof7foVEjoMkduOVcc89W7ZjZczc19QJBpneAYDdLbKJWmP4vXpwCdh%2BLU4TVf9j42PkMjZ03P2WK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cwv8l4k.php
trk.trkinthejun.com/
0
441 B
Image
General
Full URL
https://trk.trkinthejun.com/cwv8l4k.php?event1=1&uclick=us52myb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovzbiPgJ0FQgfT03nYzcJbIjdVovMBhn0Ha1Zqrn0balxh4uiJk5y5ZdWeGcOn9YRvI899JgaGX1Ww4xsWdPyQim3BddGWaNSli0bgykA%2FD7qWgl%2FbDkMF3Awq%2BweBqUafRibrgy"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
88de6e9c6bd86921-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
www.heingiftdec.com/
83 B
473 B
Other
General
Full URL
https://www.heingiftdec.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17cbe49acee3c88b254917b1f7dd06d5488eb8223a5eb71d2d8c65e7bab965c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.heingiftdec.com/o/17661785404e48e486
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 08:49:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uh97%2FhD53EinL15gtPrmZCHuFAeNGlDgGRUnmQWdRGgITVJgutrJRDI2%2FwRJ%2BF6nFfIJOJWF4x0pJmnoCxw1nqEdQYWjIyvucSHuHaWAfldh0m2EIDpV26D8y2%2FD2m6IYEKVlFEk"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
88de6e9c3b653a74-FRA
alt-svc
h3=":443"; ma=86400

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| uclick
string| uclickhash
string| trackingDomain
function| _typeof
function| axios
function| getConfigDomain
function| get
function| post
function| sent
function| setLocalData
function| getLocalData
function| get_lp_uclick
function| back
function| setFormAction
function| oneClick
function| jumpOffer
function| ijump
function| onPage1Submit
function| $
function| jQuery
function| __formSuccess
function| __validCardSuccess
object| ParsleyExtend
object| ParsleyConfig
object| psly
object| Parsley
object| ParsleyUtils
object| ParsleyValidator
object| ParsleyUI
string| inputEventPatched
object| parsley
string| errMsg
string| lang
object| parsleyLangConfig
object| parsleyConfig
object| localization
boolean| __parsleyForm
function| debounce
function| validAddr
function| validZipcode
object| log_1717404589470

6 Cookies

Domain/Path Name / Value
www.c7wbclk.com/ Name: uniqueClick_5X8MZTP
Value: 20fb26c6-1069-438b-86db-01a346bb14eb:1717404584
www.c7wbclk.com/ Name: uniqueClick_6WKSQD8
Value: a793409c-d5b8-4a49-b58a-949e87f579e2:1717404584
www.c7wbclk.com/ Name: transaction_id
Value: f9a33b402cb54e8a995c53e394d39b46
www.zebratrk.com/ Name: 65c530d1d532312f37ffbd3b54382ab9
Value: 1
trk.trkinthejun.com/ Name: uclick
Value: us52myej
trk.trkinthejun.com/ Name: uclickhash
Value: us52myej-us52myej-xoa2a1-0-fnib0-q58wa8-q58wa6-859f91

5 Console Messages

Source Level URL
Text
other warning URL: https://www.heingiftdec.com/o/17661785404e48e486
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heingiftdec.com/o/17661785404e48e486
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.heingiftdec.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.heingiftdec.com/o/17661785404e48e486
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.heingiftdec.com/o/17661785404e48e486
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.