urlscan.io logo urlscan.io
SecurityTrails logo

www.se-pristavling.com Open in urlscan Pro
2606:4700:3036::681b:b195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/2VTH2zV
Effective URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback...
Submission: On March 04 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::681b:b195, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.se-pristavling.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.
This is the only time www.se-pristavling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 52.58.242.8 16509 (AMAZON-02)
2 2 52.212.248.233 16509 (AMAZON-02)
21 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
27 4
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    52.58.242.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-242-8.eu-central-1.compute.amazonaws.com
weighting-gentosh.com
2    52.212.248.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-248-233.eu-west-1.compute.amazonaws.com
trck.easytrck123.com
21    2606:4700:3036::681b:b195 (United States)

ASN13335 (CLOUDFLARENET, US)
www.se-pristavling.com
2    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700:10::6816:ba1 (United States)

ASN13335 (CLOUDFLARENET, US)
eu.winnernotification.net
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
21 www.se-pristavling.com www.se-pristavling.com
3 eu.winnernotification.net www.se-pristavling.com
eu.winnernotification.net
2 www.google.com www.se-pristavling.com
www.gstatic.com
2 trck.easytrck123.com 2 redirects
1 www.gstatic.com www.google.com
1 weighting-gentosh.com 1 redirects
1 bit.ly 1 redirects
27 7

This site contains no links.

Subject Issuer Validity Valid
se-pristavling.com
CloudFlare Inc ECC CA-2		 2020-01-31 -
2020-10-09		 8 months crt.sh
www.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
winnernotification.net
CloudFlare Inc ECC CA-2		 2019-05-22 -
2020-05-22		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Frame ID: F040ABB1451269AAB97E3D5F5A3C3A1C
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2fNQUAAAAAI63RfcMVlNB__Cvg8YmgS_0luSC&co=aHR0cHM6Ly93d3cuc2UtcHJpc3RhdmxpbmcuY29tOjQ0Mw..&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=bpmn6atud89f
Frame ID: 1578CF6517632E7315C7B8305FC5C8AF
Requests: 1 HTTP requests in this frame

Frame: https://eu.winnernotification.net/pushweb/assets/m_main.html
Frame ID: 3CE10D360876CCAD76FFA8C3A8145482
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/2VTH2zV HTTP 301
    https://weighting-gentosh.com/327eea2c-c36b-46fd-882b-8b0afffb7e09?subid=3257&ad_name={{ad.name}}&... HTTP 302
    https://trck.easytrck123.com/aff_c?offer_id=15530&aff_id=9885&url_id=19438&aff_sub=3257&aff_sub3=wguo323c... HTTP 302
    https://trck.easytrck123.com/aff_r?offer_id=15530&aff_id=9885&url=https%3A%2F%2Fwww.se-pristavling.com%2F... HTTP 302
    https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • script /mootools.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

27
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

4
IPs

3
Countries

781 kB
Transfer

1287 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2VTH2zV HTTP 301
    https://weighting-gentosh.com/327eea2c-c36b-46fd-882b-8b0afffb7e09?subid=3257&amp;ad_name={{ad.name}}&amp;adset_name={{adset.name}}&amp;adset=[adset]&amp;campaign_name={{campaign.name}}&amp;campaign_id={{campaign.id}}&amp;adset_id={{adset.id}}&amp;placement={{placement}}&amp;source={{site_source_name}}&amp;age_gender=Replace HTTP 302
    https://trck.easytrck123.com/aff_c?offer_id=15530&aff_id=9885&url_id=19438&aff_sub=3257&aff_sub3=wguo323c2eg77rcthae08g4u HTTP 302
    https://trck.easytrck123.com/aff_r?offer_id=15530&aff_id=9885&url=https%3A%2F%2Fwww.se-pristavling.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D488%26wingame_pk%3D82%26freetest_pk%3D221%26sub_id%3D9885-3257%26sub_id_postback%3D10289a90d4539f5b872549cd99bbc1&urlauth=827693356249028331477464683207 HTTP 302
    https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wingame.pl
www.se-pristavling.com/cgi-bin/
Redirect Chain
  • https://bit.ly/2VTH2zV
  • https://weighting-gentosh.com/327eea2c-c36b-46fd-882b-8b0afffb7e09?subid=3257&amp;ad_name={{ad.name}}&amp;adset_name={{adset.name}}&amp;adset=[adset]&amp;campaign_name={{campaign.name}}&amp;campaig...
  • https://trck.easytrck123.com/aff_c?offer_id=15530&aff_id=9885&url_id=19438&aff_sub=3257&aff_sub3=wguo323c2eg77rcthae08g4u
  • https://trck.easytrck123.com/aff_r?offer_id=15530&aff_id=9885&url=https%3A%2F%2Fwww.se-pristavling.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D488%26wingame_pk%3D82%26freetest_pk%3D221%26sub_id%3D988...
  • https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4a568803ec9d6a1952584e5db4df758cda1532205dac0bf79863c45416d82d

Request headers

:method
GET
:authority
www.se-pristavling.com
:scheme
https
:path
/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Wed, 04 Mar 2020 19:55:22 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=dbe058a813fed0059f12fd508715ce1e31583351722; expires=Fri, 03-Apr-20 19:55:22 GMT; path=/; domain=.se-pristavling.com; HttpOnly; SameSite=Lax
x-firstpage
0
x-page
reg_half
x-map-context
se
x-served-by
d-04
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56ee27888fb81f41-FRA
content-encoding
br

Redirect headers

Date
Wed, 04 Mar 2020 19:55:22 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
358
Connection
keep-alive
Server
nginx/1.16.1
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Location
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Access-Control-Allow-Origin
*
X-Request-Id
ee2ec2c6e1f324f0ba8da2dfcb6489eb
tl_report.min.js
www.se-pristavling.com/_global/js/ 		1 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/js/tl_report.min.js?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23af348f5deca9f62ecaabb44e47a8997169e8232c40adc060fb078aa07270fb

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
status
200
x-served-by
d-04
last-modified
Wed, 04 Mar 2020 08:27:07 GMT
server
cloudflare
x-map-context
se
etag
W/"5e5f665b-55a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
56ee278a9d951f41-FRA
expires
Thu, 05 Mar 2020 11:14:47 GMT
font-awesome.min.css
www.se-pristavling.com/_global/fonts/font-awesome-4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/fonts/font-awesome-4.7.0/css/font-awesome.min.css?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
status
200
x-served-by
d-02
last-modified
Fri, 30 Aug 2019 10:38:20 GMT
server
cloudflare
x-map-context
se
etag
W/"5d68fc9c-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
56ee278a9d9b1f41-FRA
expires
Thu, 05 Mar 2020 11:14:47 GMT
foundation-custom.css
www.se-pristavling.com/_global/wingame/default/css/foundation-xy-grid/ 		62 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/wingame/default/css/foundation-xy-grid/foundation-custom.css?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=63804
status
200
x-served-by
d-02
last-modified
Mon, 27 Jan 2020 11:07:18 GMT
server
cloudflare
x-map-context
se
etag
W/"5e2ec466-f93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9d9d1f41-FRA
cf-bgj
minify
series.css
www.se-pristavling.com/_global/wingame/76/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/wingame/76/css/series.css?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6550481136567eff525fab1ba7d57975c3a40cbc5b708ab35181a9c9c7a7d1f

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=17784
status
200
x-served-by
d-03
last-modified
Fri, 21 Feb 2020 13:26:38 GMT
server
cloudflare
x-map-context
se
etag
W/"5e4fda8e-4578"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9d9f1f41-FRA
cf-bgj
minify
sweepstake.css
www.se-pristavling.com/wingame/82/css/ 		401 B
358 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/wingame/82/css/sweepstake.css?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b41f74ac617a9577fec3cbe808aff841bfbac3c9048ed404a3f314a08d462f

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=530
status
200
x-served-by
d-03
last-modified
Wed, 29 Jan 2020 13:55:18 GMT
server
cloudflare
x-map-context
se
etag
W/"5e318ec6-212"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9da01f41-FRA
cf-bgj
minify
MooTools-Core-1.6.0-compressed.js
www.se-pristavling.com/_global/js/framework/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=89700
status
200
x-served-by
d-01
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
se
etag
W/"5a059201-15e64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9da11f41-FRA
cf-bgj
minify
moolidator.js
www.se-pristavling.com/_global/js/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/js/moolidator.js
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2e08c591e60361e8176f65e09badff75bf7b114ec0f0583fdc5c3880f2d5ea

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
27916
cf-polished
origSize=41859
status
200
x-served-by
d-02
last-modified
Tue, 03 Mar 2020 10:32:37 GMT
server
cloudflare
x-map-context
se
etag
W/"5e5e3245-a383"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 12:10:06 GMT
cache-control
max-age=86400
cf-ray
56ee278a9da31f41-FRA
cf-bgj
minify
moolidator_rules.js
www.se-pristavling.com/_global/js/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/js/moolidator_rules.js
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598773ef1edc186d5f61c13368adae3e9f5c2890bbbc174465d039d54d2ff7f1

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
50323
cf-polished
origSize=27538
status
200
x-served-by
d-03
last-modified
Mon, 24 Feb 2020 16:20:48 GMT
server
cloudflare
x-map-context
se
etag
W/"5e53f7e0-6b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 05:56:39 GMT
cache-control
max-age=86400
cf-ray
56ee278a9da41f41-FRA
cf-bgj
minify
scripts.js
www.se-pristavling.com/_global/js/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/js/scripts.js?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7825cd336b359503f55982227476de5b3d0749df76a712e6ce9a66d3467cc74

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=61900
status
200
x-served-by
d-04
last-modified
Tue, 03 Mar 2020 09:59:28 GMT
server
cloudflare
x-map-context
se
etag
W/"5e5e2a80-f1cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9da61f41-FRA
cf-bgj
minify
global.js
www.se-pristavling.com/wingame/global/js/ 		520 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/wingame/global/js/global.js?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6390e2e825f444263538e640e92a3bdd1e88b525d4afa517657e8d59836e4d1a

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=650
status
200
x-served-by
d-02
last-modified
Tue, 27 Feb 2018 07:50:18 GMT
server
cloudflare
x-map-context
se
etag
W/"5a950dba-28a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9da71f41-FRA
cf-bgj
minify
series.js
www.se-pristavling.com/_global/wingame/76/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/wingame/76/js/series.js?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7920e237285007cae96ab5d2b8a5de3560b9f3aadf179c665545909651fb8907

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=8380
status
200
x-served-by
d-04
last-modified
Wed, 23 Oct 2019 09:00:13 GMT
server
cloudflare
x-map-context
se
etag
W/"5db0169d-20bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9daa1f41-FRA
cf-bgj
minify
sweepstake.js
www.se-pristavling.com/wingame/82/js/ 		2 KB
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/wingame/82/js/sweepstake.js?2006410524729195574
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
450c56fc41f233a262485a97ae70b8df058874f3a4936456d18f67b891abffdd

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
HIT
age
31235
cf-polished
origSize=2071
status
200
x-served-by
d-01
last-modified
Wed, 29 Jan 2020 13:55:18 GMT
server
cloudflare
x-map-context
se
etag
W/"5e318ec6-817"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 05 Mar 2020 11:14:47 GMT
cache-control
max-age=86400
cf-ray
56ee278a9dab1f41-FRA
cf-bgj
minify
prize-ikea-se.png
www.se-pristavling.com/_static/_global/_supload/images/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.se-pristavling.com/_static/_global/_supload/images/prize-ikea-se.png
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570e2e2f1ec7b66f1796a157325a4e22635cf23dd112533d3603fe72abedc65d

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Feb 2020 11:27:41 GMT
server
cloudflare
age
27916
etag
"926938731"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278a9dad1f41-FRA
content-length
94575
expires
Thu, 05 Mar 2020 12:10:06 GMT
api.js
www.google.com/recaptcha/ 		708 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc2fNQUAAAAAI63RfcMVlNB__Cvg8YmgS_0luSC
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c44ea1a3788e3579d1e9ab770aeebdffd57577fbf5219da89cc183bb3a04e517
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
477
x-xss-protection
1; mode=block
expires
Wed, 04 Mar 2020 19:55:22 GMT
bg-ikea-de3.jpg
www.se-pristavling.com/_static/_global/_supload/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.se-pristavling.com/_static/_global/_supload/images/bg-ikea-de3.jpg
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6453e06f19b15401808f4ea40895ab3ee970c70e4fbe53a39591a6fc4a6e7b7f

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jul 2018 07:27:59 GMT
server
cloudflare
age
27418
etag
"2493763296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278b0f1f1f41-FRA
content-length
46935
expires
Thu, 05 Mar 2020 12:18:24 GMT
Montserrat-Regular.woff2
www.se-pristavling.com/_static/_global/_supload/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_static/_global/_supload/fonts/Montserrat-Regular.woff2
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Origin
https://www.se-pristavling.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
server
cloudflare
age
41108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278b0f221f41-FRA
content-length
91812
expires
Thu, 05 Mar 2020 08:30:14 GMT
Montserrat-Black.woff2
www.se-pristavling.com/_static/_global/_supload/fonts/ 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_static/_global/_supload/fonts/Montserrat-Black.woff2
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbed9a71d722b8ca16d2e7732e45357a80e8399bf9e3283fbc88b6803f8e7a2

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Origin
https://www.se-pristavling.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
server
cloudflare
age
41108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278b0f241f41-FRA
content-length
91264
expires
Thu, 05 Mar 2020 08:30:14 GMT
fontawesome-webfont.woff2
www.se-pristavling.com/_global/fonts/font-awesome-4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.se-pristavling.com/_global/fonts/font-awesome-4.7.0/css/font-awesome.min.css?2006410524729195574
Origin
https://www.se-pristavling.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
age
41108
status
200
content-length
77160
x-served-by
d-01
last-modified
Fri, 30 Aug 2019 10:38:20 GMT
server
cloudflare
x-map-context
se
etag
"5d68fc9c-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278b0f251f41-FRA
expires
Thu, 05 Mar 2020 08:30:14 GMT
Montserrat-Medium.woff2
www.se-pristavling.com/_static/_global/_supload/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_static/_global/_supload/fonts/Montserrat-Medium.woff2
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c55c3117806a6efa05a07547567971911537a36cdda49f4d63b70917b3d7e1

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Origin
https://www.se-pristavling.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
server
cloudflare
age
41108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278b0f281f41-FRA
content-length
91668
expires
Thu, 05 Mar 2020 08:30:14 GMT
Montserrat-ExtraBold.woff2
www.se-pristavling.com/_static/_global/_supload/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_static/_global/_supload/fonts/Montserrat-ExtraBold.woff2
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b68aff152d29b2647b69b317720ea442f00ce782c3def81cc14b8939c9c192af

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Origin
https://www.se-pristavling.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
cf-cache-status
HIT
server
cloudflare
age
41108
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
56ee278b2f8f1f41-FRA
content-length
91936
expires
Thu, 05 Mar 2020 08:30:14 GMT
init.js
eu.winnernotification.net/pushweb/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu.winnernotification.net/pushweb/assets/init.js
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9d5f486cfba7c1bdd1850b839e54689e918aa727065f754ff2faf75e67fc94

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1639
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
alt-svc
clear
via
1.1 google
server
cloudflare
etag
W/"6da-uZQyggfoYDMoXRmtIgOub/dpsEk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
56ee278b9b5d3248-FRA
access-control-allow-headers
Content-Type, Authorization, Accengage-Time, Accengage-Signature
recaptcha__en.js
www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc2fNQUAAAAAI63RfcMVlNB__Cvg8YmgS_0luSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fafe784f7e1f13fccc7782f6c524a6f340b0b487b65c45aac414d09e6daded8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 18:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Mar 2020 05:05:22 GMT
server
sffe
age
178332
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94503
x-xss-protection
0
expires
Tue, 02 Mar 2021 18:23:10 GMT
s5-bfp.js
www.se-pristavling.com/_global/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.se-pristavling.com/_global/js/s5-bfp.js?8256151728
Requested by
Host: www.se-pristavling.com
URL: https://www.se-pristavling.com/_global/js/scripts.js?2006410524729195574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebe0cdd8fead0c21ce5d2fed727f3a4acfd70cb8ef43dc635ff6eaae4d9e30b

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 Apr 2019 07:38:48 GMT
server
cloudflare
x-map-context
se
etag
W/"5cb04088-2e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
x-served-by
d-01
cf-ray
56ee278b4fe31f41-FRA
expires
Thu, 05 Mar 2020 19:55:22 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1578 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2fNQUAAAAAI63RfcMVlNB__Cvg8YmgS_0luSC&co=aHR0cHM6Ly93d3cuc2UtcHJpc3RhdmxpbmcuY29tOjQ0Mw..&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=bpmn6atud89f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l1ZAi56RzEAX+s18J1Sh9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lc2fNQUAAAAAI63RfcMVlNB__Cvg8YmgS_0luSC&co=aHR0cHM6Ly93d3cuc2UtcHJpc3RhdmxpbmcuY29tOjQ0Mw..&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=bpmn6atud89f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 04 Mar 2020 19:55:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-l1ZAi56RzEAX+s18J1Sh9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9390
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
t_main.js
eu.winnernotification.net/pushweb/assets/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu.winnernotification.net/pushweb/assets/t_main.js?
Requested by
Host: eu.winnernotification.net
URL: https://eu.winnernotification.net/pushweb/assets/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2b5d8a691cd43b3f695a605d57397fbddd789f053711bdb79d4beee7755fd4

Request headers

Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 04 Mar 2020 19:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1640
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
alt-svc
clear
via
1.1 google
server
cloudflare
etag
W/"1d8ce-w+YLSoHXVP9XF2+Fg1qiEhtq6tY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
56ee278e1b013248-FRA
access-control-allow-headers
Content-Type, Authorization, Accengage-Time, Accengage-Signature
m_main.html
eu.winnernotification.net/pushweb/assets/ Frame 3CE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu.winnernotification.net/pushweb/assets/m_main.html?
Requested by
Host: eu.winnernotification.net
URL: https://eu.winnernotification.net/pushweb/assets/t_main.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
eu.winnernotification.net
:scheme
https
:path
/pushweb/assets/m_main.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.se-pristavling.com/cgi-bin/wingame.pl?partner_pk=488&wingame_pk=82&freetest_pk=221&sub_id=9885-3257&sub_id_postback=10289a90d4539f5b872549cd99bbc1

Response headers

status
200
date
Wed, 04 Mar 2020 19:55:23 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df9edc57234afbff512d889568dbb43d21583351723; expires=Fri, 03-Apr-20 19:55:23 GMT; path=/; domain=.winnernotification.net; HttpOnly; SameSite=Lax
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
Content-Type, Authorization, Accengage-Time, Accengage-Signature
cache-control
max-age=1800
vary
Accept-Encoding
via
1.1 google
alt-svc
clear
cf-cache-status
HIT
age
1686
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56ee278e8c833248-FRA
content-encoding
gzip

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| rS string| rI string| pI object| stack_msg function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type function| Moolidator_Lite object| moolidator_lite_rules object| mooli object| moolidator_lite_countries object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit function| remove_matched_from_localstorage function| should_value_localstorage boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| Blink_items object| log_page_impressions function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript object| ab function| global_getDate object| log function| Blazy object| logged_pages function| send function| clean object| enter_proceed boolean| page_submitted undefined| field_validator string| current_page undefined| scroll_position_x function| iframe_selector function| open_iframe function| open_layer function| initialize_quiz function| initialize_selectedPrize function| add_pop_iframe_closer_events function| setFilledClass object| POPUNDER string| context function| iframeLoaded function| Sponsorlist_sweepstake object| ACC object| sws_acc function| update_AC_data function| setIdentSessionName function| setLogMiscForStep function| setValByUpdateDeviceInfo object| AccengageWebSDKObject object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client number| create_token_interval function| token_generator undefined| dccBts string| slickid object| recaptcha object| closure_lm_657728 function| p function| w object| m object| y object| e object| b object| z string| n boolean| A object| x function| forge_sha256 string| canvasData number| c2 number| c1 function| _toConsumableArray function| _defineProperty function| _slicedToArray string| sc

1 Cookies

Domain/Path Name / Value
.se-pristavling.com/ Name: __cfduid
Value: dbe058a813fed0059f12fd508715ce1e31583351722

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
eu.winnernotification.net
trck.easytrck123.com
weighting-gentosh.com
www.google.com
www.gstatic.com
www.se-pristavling.com
2606:4700:10::6816:ba1
2606:4700:3036::681b:b195
2a00:1450:4001:800::2003
2a00:1450:4001:824::2004
52.212.248.233
52.58.242.8
67.199.248.11
0ebe0cdd8fead0c21ce5d2fed727f3a4acfd70cb8ef43dc635ff6eaae4d9e30b
0f2b5d8a691cd43b3f695a605d57397fbddd789f053711bdb79d4beee7755fd4
23af348f5deca9f62ecaabb44e47a8997169e8232c40adc060fb078aa07270fb
25e5545bc1316cb31f6552d9056dd436d4e1e68362e5d26dbfe1ff843d87b65b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3d2e08c591e60361e8176f65e09badff75bf7b114ec0f0583fdc5c3880f2d5ea
450c56fc41f233a262485a97ae70b8df058874f3a4936456d18f67b891abffdd
570e2e2f1ec7b66f1796a157325a4e22635cf23dd112533d3603fe72abedc65d
598773ef1edc186d5f61c13368adae3e9f5c2890bbbc174465d039d54d2ff7f1
6390e2e825f444263538e640e92a3bdd1e88b525d4afa517657e8d59836e4d1a
6453e06f19b15401808f4ea40895ab3ee970c70e4fbe53a39591a6fc4a6e7b7f
7920e237285007cae96ab5d2b8a5de3560b9f3aadf179c665545909651fb8907
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8fafe784f7e1f13fccc7782f6c524a6f340b0b487b65c45aac414d09e6daded8
92b41f74ac617a9577fec3cbe808aff841bfbac3c9048ed404a3f314a08d462f
94c55c3117806a6efa05a07547567971911537a36cdda49f4d63b70917b3d7e1
b6550481136567eff525fab1ba7d57975c3a40cbc5b708ab35181a9c9c7a7d1f
b68aff152d29b2647b69b317720ea442f00ce782c3def81cc14b8939c9c192af
b7825cd336b359503f55982227476de5b3d0749df76a712e6ce9a66d3467cc74
c44ea1a3788e3579d1e9ab770aeebdffd57577fbf5219da89cc183bb3a04e517
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab
ea4a568803ec9d6a1952584e5db4df758cda1532205dac0bf79863c45416d82d
eb9d5f486cfba7c1bdd1850b839e54689e918aa727065f754ff2faf75e67fc94
fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579
fcbed9a71d722b8ca16d2e7732e45357a80e8399bf9e3283fbc88b6803f8e7a2