Submitted URL: https://e.synchronyfinancial.com/T/v70000017d4b4d0b9487bfe26e96c660f0/6a7fd6efaa2547ea0000021ef3a0bcc4/6a7fd6ef-aa25-47ea-8c8d-8e...
Effective URL: https://www.12daysofcheer.com/?user=AM003136056
Submission Tags: falconsandbox
Submission: On November 23 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 104.111.249.160, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.12daysofcheer.com.
TLS certificate: Issued by R3 on October 11th 2021. Valid for: 3 months.
This is the only time www.12daysofcheer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 159.127.187.139 19137 (EPSILON-I...)
17 104.111.249.160 16625 (AKAMAI-AS)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
27 7
    Domain                     Requested by
17  www.12daysofcheer.com      www.12daysofcheer.com, cdnjs.cloudflare.com
3   use.typekit.net            www.12daysofcheer.com, use.typekit.net
2   cdnjs.cloudflare.com       www.12daysofcheer.com
2   pro.fontawesome.com        www.12daysofcheer.com, pro.fontawesome.com
1   www.gstatic.com            www.google.com
1   p.typekit.net              use.typekit.net
1   www.google.com             www.12daysofcheer.com
1   e.synchronyfinancial.com   1 redirects
27  8

This site contains no links.

Subject                  Issuer                             Validity                  Valid
le1.pls.merkleinc.com    R3                                 2021-10-11 - 2022-01-09   3 months
use.typekit.net          DigiCert TLS RSA SHA256 2020 CA1   2021-08-16 - 2022-08-16   a year
*.fontawesome.com        DigiCert TLS RSA SHA256 2020 CA1   2020-11-13 - 2021-12-14   a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3            2021-09-21 - 2022-09-20   a year
www.google.com           GTS CA 1C3                         2021-11-01 - 2022-01-24   3 months
*.typekit.net            DigiCert TLS RSA SHA256 2020 CA1   2021-07-16 - 2022-07-21   a year
*.gstatic.com            GTS CA 1C3                         2021-11-01 - 2022-01-24   3 months

This page contains 1 frames:

Primary Page: https://www.12daysofcheer.com/?user=AM003136056
Frame ID: 075CF381793A22952CFCA84AE8DBE28B
Requests: 27 HTTP requests in this frame

Page Title

Synchrony 12 Days of Cheer 2021

Page URL History

  1. https://e.synchronyfinancial.com/T/v70000017d4b4d0b9487bfe26e96c660f0/6a7fd6efaa2547ea0000021ef3a0bcc4/6a7fd6... HTTP 302
    https://www.12daysofcheer.com/?user=AM003136056 Page URL

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 75 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 934 kB
Size: 2991 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.synchronyfinancial.com/T/v70000017d4b4d0b9487bfe26e96c660f0/6a7fd6efaa2547ea0000021ef3a0bcc4/6a7fd6ef-aa25-47ea-8c8d-8e9859da2ec5?__dU__=v0G4RBKTXg2GuoMv5klIOr2FWybZyEYp90ebC0gPJjKx7dEvK3zPwtkk26ltBQgxOP&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF9cs6Pt41Bbwsg-_3a8rgAIFK6W6Gt-0hJMT_gAttnrlmzmTKndk2elOwBj3J-3fRXEr7mJDRUqLomWSeS8_lH4_v7gjdhkZ8Fjm-ZWx-hKwx235vDg96VVe0e2_dLD0KT6FRxQDKUlIxiqvkTKJ2WuhMgMr66KgaNGwb5Who2dNGaAkhQZMGLsexVoP2n7282W9urXPubpPhQCBZwE3v3qlBN-XMuSBQxVobICn_HuMhNkrQYyksRYAljDcS9vtHkWnQHl0YpjL HTTP 302
    https://www.12daysofcheer.com/?user=AM003136056 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.12daysofcheer.com/
Redirect Chain
  • https://e.synchronyfinancial.com/T/v70000017d4b4d0b9487bfe26e96c660f0/6a7fd6efaa2547ea0000021ef3a0bcc4/6a7fd6ef-aa25-47ea-8c8d-8e9859da2ec5?__dU__=v0G4RBKTXg2GuoMv5klIOr2FWybZyEYp90ebC0gPJjKx7dEvK3...
  • https://www.12daysofcheer.com/?user=AM003136056
76 KB
25 KB
Document
General
Full URL
https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6dc62bcf3101748a7c4e04bc450214a9107c708b7550f59c7654e89387f52d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Apache
x-session
eyJjaGFubmVsIjoiZGVmIiwic2Vzc2lvbiI6IjYxOWM4NDgzMWQ0N2U2MTUiLCJ1c2VyX2FnZW50IjpudWxsLCJkZXZpY2UiOiJjaHJvbWUifQ
p3p
CP="CURa ADMa OUR"
content-type
text/html; charset=utf-8
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=15552000
vary
Accept-Encoding
content-encoding
gzip
expires
Tue, 23 Nov 2021 06:04:52 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 23 Nov 2021 06:04:52 GMT
content-length
24979

Redirect headers

location
https://www.12daysofcheer.com/?user=AM003136056
cache-control
no-cache
content-length
0
date
Tue, 23 Nov 2021 06:04:50 GMT
app.aa01df7221e26eb52610ab4e1b56c9a0.css
www.12daysofcheer.com/public/COMPILED/build/css/
44 KB
7 KB
Stylesheet
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
150345db6835d299607b9a8dbf9e801836ec385a4c97bd6bd74ed63152057fe5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:15 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
text/css; charset=utf-8
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=366
vary
Accept-Encoding
content-length
7299
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:58 GMT
brg6gwu.css
use.typekit.net/
3 KB
943 B
Stylesheet
General
Full URL
https://use.typekit.net/brg6gwu.css
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b0f0f5cace1a99cfbd82dd79cefea25c5261a1b78d08c87fd149677a2db894b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 23 Nov 2021 06:04:52 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
712
all.css
pro.fontawesome.com/releases/v5.12.1/css/
167 KB
32 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.12.1/css/all.css
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13df3c90469b308a021f256b72e204d8a379662a45effc15e50e55b0cec35973

Request headers

Referer
https://www.12daysofcheer.com/
Origin
https://www.12daysofcheer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
12513
x-amz-request-id
7BH6GKYYWZH1JCN4
x-amz-id-2
jUZOoMaOq4gmHfWsJgk854DarmyUDoKRM0kTs41DR2VjZkPPbMTPFvdaKbwUhOzC26IpOdFShZU=
last-modified
Mon, 28 Jun 2021 17:07:37 GMT
server
cloudflare
etag
W/"f8b1d8771478c8623969b754682134fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6b2833daad1a59a7-MXP
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
473038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27958
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=METQw4dGyBUBCrpXFrw6t3JjVhOP8agAQ165mpJcH10qGurlEd1TjJ2ws6SkJvfFhJeUZLuNP870Q2sCntYpg3PkkyNHUqMuj%2FAWtRdIaErHHBM5jr3JutZxzysjHpsHR9OIP%2B9fe%2Fdy%2F7%2FVeksIwiDj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b2833da9efa0e0e-MXP
expires
Sun, 13 Nov 2022 06:04:52 GMT
validator.js
www.12daysofcheer.com/global/share/js/
4 KB
2 KB
Script
General
Full URL
https://www.12daysofcheer.com/global/share/js/validator.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46792e2e72f710eae2455077a0a8525c480e71113d56b77d3eac02762b38a10c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"e7f-5d162b45a953a"
x-frame-options
DENY
content-type
application/x-javascript
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=385
date
Tue, 23 Nov 2021 06:04:52 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
1314
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:11:17 GMT
behaviors.a3eef030b5dba030278c244a8d6f7965.js
www.12daysofcheer.com/public/COMPILED/js/
5 KB
5 KB
Script
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/js/behaviors.a3eef030b5dba030278c244a8d6f7965.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a94d209182f13974e8c47679e96c7ab328a6f72fc67a88e243eb36621104784
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:19 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=344
content-length
4945
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:36 GMT
cookie-gate.b95cf8e9dc5161ef2268ae7316114e0d.js
www.12daysofcheer.com/public/COMPILED/js/
4 KB
4 KB
Script
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/js/cookie-gate.b95cf8e9dc5161ef2268ae7316114e0d.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd304c6e1ba524dba4cca8e7337995cfea99fe2796b051b95b499abe23451407
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:19 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=318
content-length
4204
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:10 GMT
lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.8/
259 KB
55 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.8/lottie.min.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e985f5df9224b3a4902e6efdfdc070c1fadee5f5dad5d365de7d81c15f23c6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1241402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55753
timing-allow-origin
*
last-modified
Sun, 04 Apr 2021 22:51:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"606a42f6-40ca2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FszwdhQ2OG4wZBf9sYZ%2Bu9xSE4at27DMuZLUMEpQV5bZ%2B8Kllhe0HPoKJc%2BWoQDWRXCf50vDmStcIyOOih3B1Z6S9N9acJvshul6vyZaLZyWRyTs%2BZNojOJeK8L8e0yhJK5HBCnNXAW3D0oKlIZw8YD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b2833da9efe0e0e-MXP
expires
Sun, 13 Nov 2022 06:04:52 GMT
present.png
www.12daysofcheer.com/public/images/
13 KB
13 KB
Image
General
Full URL
https://www.12daysofcheer.com/public/images/present.png
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
27a5ab3bcc456660dcd552be79a202f639d6f3a1dfc05a5e18ba5ff84038b1b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:15 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
image/png
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=354
content-length
12939
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:46 GMT
plugins.e273af12cb72215417a1abbb3717e119.js
www.12daysofcheer.com/public/COMPILED/js/
30 KB
31 KB
Script
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/js/plugins.e273af12cb72215417a1abbb3717e119.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e845047fee0526988de90fb46eec86d8a2303d814892302fa1ff13bed1a78b9c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:19 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=323
content-length
30955
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:15 GMT
oneclick.ece29c9a00616bbcb144b944da05bb7c.js
www.12daysofcheer.com/public/COMPILED/js/
11 KB
11 KB
Script
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/js/oneclick.ece29c9a00616bbcb144b944da05bb7c.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56feda6b889a66ed3244f40b042ca845861da5bcacc1b50e48ac9eaeffab3f8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:19 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=386
content-length
10869
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:11:18 GMT
all.a514badaa933268ff8016c39e1489eb7.js
www.12daysofcheer.com/public/COMPILED/build/js/
92 KB
93 KB
Script
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/build/js/all.a514badaa933268ff8016c39e1489eb7.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
df1ff0251546b5b051eb8f249df4f0b790dd0f05f5df0e337653bde6ab79b1b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:15 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=390
content-length
94583
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:11:22 GMT
urchin.js
www.12daysofcheer.com/global/share/js/
23 KB
7 KB
Script
General
Full URL
https://www.12daysofcheer.com/global/share/js/urchin.js
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1fb63c4af1c349d38de323d6e5f663860bf71e7a0a9370ea5a8fbf373de37e76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"5c21-5d1637afb99a3"
x-frame-options
DENY
content-type
application/x-javascript
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=325
date
Tue, 23 Nov 2021 06:04:52 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
7179
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:17 GMT
api.js
www.google.com/recaptcha/
908 B
986 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=de&onload=onRecaptchaLoad
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a2513857446bca7d46b87529b5b9cd09dd41d39ec214431dc523a134b5a8f1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
573
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:04:52 GMT
p.css
p.typekit.net/
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=brg6gwu&ht=tk&f=139.169.173.175&a=49842807&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/brg6gwu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
bg_header.jpg
www.12daysofcheer.com/public/COMPILED/images/
179 KB
180 KB
Image
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/images/bg_header.jpg
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86913e79f2f45fd1c44faa5b8ae7a8996a4c397b4f1825955522569a66def58b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:18 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
image/jpeg
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=391
content-length
183531
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:11:23 GMT
bg_snowflake.png
www.12daysofcheer.com/public/COMPILED/images/
15 KB
15 KB
Image
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/images/bg_snowflake.png
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1b275004fd7f2471c928d1be1686d4e87cf248c76dd50a7a876cf36960771997
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:18 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
image/png
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=298
content-length
15310
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:09:50 GMT
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/
29 KB
29 KB
Font
General
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/brg6gwu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c1feaca092d398ce830ae475be7ea16f8b02a87dbefe37f532051d688a3868d

Request headers

Referer
https://use.typekit.net/brg6gwu.css
Origin
https://www.12daysofcheer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
server
nginx
etag
"6aeae62b893768150f3460329dc461358e8ab2f5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29820
Synchrony_Sans_Bold-v100.otf
www.12daysofcheer.com/public/COMPILED/fonts/
30 KB
30 KB
Font
General
Full URL
https://www.12daysofcheer.com/public/COMPILED/fonts/Synchrony_Sans_Bold-v100.otf
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
808736c02e592b35b3151b2d2ff3d8633d5c9be9d562918492e00f985b6cd415
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.12daysofcheer.com/public/COMPILED/build/css/app.aa01df7221e26eb52610ab4e1b56c9a0.css
Origin
https://www.12daysofcheer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:18 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/octet-stream
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=329
content-length
30220
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:10:21 GMT
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/
30 KB
30 KB
Font
General
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/brg6gwu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a152bf257d221579839e13dcbcf3971ec9c9aa18b50ccbebf1a20578be15d349

Request headers

Referer
https://use.typekit.net/brg6gwu.css
Origin
https://www.12daysofcheer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
server
nginx
etag
"09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30728
headerAnimationMicro.json
www.12daysofcheer.com/public/animations/
1 MB
62 KB
XHR
General
Full URL
https://www.12daysofcheer.com/public/animations/headerAnimationMicro.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.8/lottie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bcbb4271477db09046501fd7aaf4a6e90ebd140d9af0f55a4c215ffe6c56f5bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 16:25:13 GMT
server
Apache
date
Tue, 23 Nov 2021 06:04:52 GMT
x-frame-options
DENY
content-type
application/octet-stream
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=1437
vary
Accept-Encoding
content-length
63187
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:28:49 GMT
__utm.gif
www.12daysofcheer.com/public/
35 B
296 B
Image
General
Full URL
https://www.12daysofcheer.com/public/__utm.gif?utmwv=1.4&utmt=var&utmn=668004093
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
server
Apache
etag
"23-5d1637aeded76"
x-frame-options
DENY
content-type
image/gif
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=600
date
Tue, 23 Nov 2021 06:04:52 GMT
accept-ranges
bytes
content-length
35
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:14:52 GMT
__utm.gif
www.12daysofcheer.com/public/
35 B
296 B
Image
General
Full URL
https://www.12daysofcheer.com/public/__utm.gif?utmwv=1.4&utmn=581213955&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Synchrony%2012%20Days%20of%20Cheer%202021&utmhn=www.12daysofcheer.com&utmhid=35595023&utmr=-&utmp=/synchrony/12daysofcheer21/intro
Requested by
Host: www.12daysofcheer.com
URL: https://www.12daysofcheer.com/?user=AM003136056
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
server
Apache
etag
"23-5d1637aeded76"
x-frame-options
DENY
content-type
image/gif
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=575
date
Tue, 23 Nov 2021 06:04:52 GMT
accept-ranges
bytes
content-length
35
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:14:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/
347 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=de&onload=onRecaptchaLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.12daysofcheer.com/
Origin
https://www.12daysofcheer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 22:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138691
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 22:20:15 GMT
fa-solid-900.woff2
pro.fontawesome.com/releases/v5.12.1/webfonts/
135 KB
135 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.12.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1f1cd8dd93d32f9b337df9b9faf9073015353f384895a59e743eb5ddce47d4

Request headers

Referer
https://pro.fontawesome.com/releases/v5.12.1/css/all.css
Origin
https://www.12daysofcheer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:04:52 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
12511
cf-ray
6b2833dbde8859a7-MXP
content-length
137992
x-amz-id-2
VSrNkrvoyJgemhfVLeD6Q6IyOfScAIJWXfQ1JTvahOkREapzoODNYBiooCGEGPigFl9zdZ+3gFk=
last-modified
Mon, 28 Jun 2021 17:09:16 GMT
server
cloudflare
etag
"4c7a7246c1ebc15cdeb8870b52a35b77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
D75YPSP9E6C0V953
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
__utm.gif
www.12daysofcheer.com/public/
35 B
296 B
Image
General
Full URL
https://www.12daysofcheer.com/public/__utm.gif?utmwv=1.4&utmn=2025900905&utmt=event&utme=5(Privacy*Display*Cookie%20Notice)(1)&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Synchrony%2012%20Days%20of%20Cheer%202021&utmhn=www.12daysofcheer.com&utmhid=35595023&utmr=-&utmp=/synchrony/12daysofcheer21/intro
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.12daysofcheer.com/?user=AM003136056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
x-content-type-options
nosniff
server
Apache
etag
"23-5d1637aeded76"
x-frame-options
DENY
content-type
image/gif
x-permitted-cross-domain-policies
master-only
cache-control
public, max-age=554
date
Tue, 23 Nov 2021 06:04:52 GMT
accept-ranges
bytes
content-length
35
x-xss-protection
1; mode=block
expires
Tue, 23 Nov 2021 06:14:06 GMT

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| hw string| deploy_path string| client string| promo string| ajaxBase string| profile function| $ function| jQuery object| non_characters object| x function| email function| field_match function| zip function| word_limit function| _is_character function| _update_remaining function| _words function| _cancel function| validate function| terminal function| mobile_opt_in function| track_affiliates function| openWindow function| hwScrollTo function| onRecaptchaLoad object| lottie object| bodymovin function| recaptchaComplete object| oneclick function| _typeof object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| headerAnimation object| animItem string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno undefined| _uff number| _udh object| _udt number| _ubl string| _udo number| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 object| _ecm function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| __utmTrackEvent function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _UEE function| _uES function| _uUES 
function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx string| pg string| ud object| gaGlobal object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

7 Cookies

Domain/Path Name / Value
www.12daysofcheer.com/ Name: session
Value: eyJjaGFubmVsIjoiZGVmIiwic2Vzc2lvbiI6IjYxOWM4NDgzMWQ0N2U2MTUiLCJ1c2VyX2FnZW50IjpudWxsLCJkZXZpY2UiOiJjaHJvbWUifQ
www.12daysofcheer.com/ Name: rk
Value: eyJ0YjIiOiI4X3J0XzFTTUhfTGdZZyJ9
.12daysofcheer.com/ Name: __utmv
Value: 1410481.r%3D0%3Bc%3Ddef%3Bd%3Dchrome%3Ba%3D
.12daysofcheer.com/ Name: __utma
Value: 1410481.581213955.1637647492.1637647492.1637647492.1
.12daysofcheer.com/ Name: __utmb
Value: 1410481
.12daysofcheer.com/ Name: __utmc
Value: 1410481
.12daysofcheer.com/ Name: __utmz
Value: 1410481.1637647492.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
