Submitted URL: http://giftclaimsite.com/
Effective URL: http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Submission: On April 20 via api from US — Scanned from NL

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 23 HTTP transactions. The main IP is 199.59.243.223, located in United States and belongs to AMAZON-02, US. The main domain is ww25.gvero.qlitrk.com.
This is the only time ww25.gvero.qlitrk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 ww25.gvero.qlitrk.com pushfire.io
ww25.gvero.qlitrk.com
6 giftclaimsite.com 1 redirects giftclaimsite.com
pushfire.io
3 www.google.com ww25.gvero.qlitrk.com
www.google.com
2 afs.googleusercontent.com www.google.com
2 21mpycjgt80j.pushfire.io pushfire.io
1 partner.googleadservices.com www.google.com
1 gvero.qlitrk.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 pushfire.io giftclaimsite.com
1 ajax.googleapis.com giftclaimsite.com
1 fonts.googleapis.com giftclaimsite.com
23 11

This site contains no links.

Subject Issuer Validity Valid
giftclaimsite.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-01 -
2023-06-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.pushfire.io
GoGetSSL RSA DV CA
2022-05-16 -
2023-05-16
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh

This page contains 2 frames:

Primary Page: http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Frame ID: 401502C564186BAF94FF25BA150CDAF2
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol418&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.gvero.qlitrk.com%3Fcaf%26subid1%3D20230420-1433-01cb-8c23-7efb229d0fea&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=3131681965183515&num=0&output=afd_ads&domain_name=ww25.gvero.qlitrk.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681965183516&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww25.gvero.qlitrk.com%2Fl%2Fpush2exitlink%2FCancel%3Fsubid1%3D20230420-1433-01cb-8c23-7efb229d0fea&adbw=master-1%3A1584
Frame ID: 76426DB0A4E6E705EA1FC5C7127FACE9
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://giftclaimsite.com/ HTTP 302
    https://giftclaimsite.com/ Page URL
  2. https://gvero.qlitrk.com/l/push2exitlink/Cancel HTTP 302
    http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

74 %
HTTPS

60 %
IPv6

8
Domains

11
Subdomains

9
IPs

4
Countries

442 kB
Transfer

781 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://giftclaimsite.com/ HTTP 302
    https://giftclaimsite.com/ Page URL
  2. https://gvero.qlitrk.com/l/push2exitlink/Cancel HTTP 302
    http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://giftclaimsite.com/ HTTP 302
  • https://giftclaimsite.com/

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
giftclaimsite.com/
Redirect Chain
  • http://giftclaimsite.com/
  • https://giftclaimsite.com/
4 KB
2 KB
Document
General
Full URL
https://giftclaimsite.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.22.102.109 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS
vps-18934-5737.tilaa.cloud
Software
nginx / PHP/5.6.40
Resource Hash
d1d1088d95184cea96ea37cf4c6fcc005975823108e20de7c790098bb141e7a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Apr 2023 04:32:58 GMT
Keep-Alive
timeout=60
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40

Redirect headers

Connection
keep-alive
Content-Length
210
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 20 Apr 2023 04:32:58 GMT
Keep-Alive
timeout=60
Location
https://giftclaimsite.com/
Server
nginx
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic
Requested by
Host: giftclaimsite.com
URL: https://giftclaimsite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aad4d256350048dd4e1037d081240ecacd5e7911e6f28cb956b79441cdad97a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Apr 2023 04:32:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 03:32:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Apr 2023 04:32:59 GMT
style6.css
giftclaimsite.com/style/
2 KB
1 KB
Stylesheet
General
Full URL
https://giftclaimsite.com/style/style6.css
Requested by
Host: giftclaimsite.com
URL: https://giftclaimsite.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.22.102.109 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS
vps-18934-5737.tilaa.cloud
Software
nginx /
Resource Hash
bbb29244697c7fbb71da96d1c301b738fd60a320c8205bf222d654fb67c40851

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 08:57:24 GMT
Server
nginx
ETag
W/"60b747f4-8e3"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: giftclaimsite.com
URL: https://giftclaimsite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 01:39:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Apr 2024 01:39:32 GMT
pay-pal2.png
giftclaimsite.com/images/
6 KB
6 KB
Image
General
Full URL
https://giftclaimsite.com/images/pay-pal2.png
Requested by
Host: giftclaimsite.com
URL: https://giftclaimsite.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.22.102.109 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS
vps-18934-5737.tilaa.cloud
Software
nginx /
Resource Hash
d6abd61b5a1aa6294a8519d736a83b1efda148725a28d55287be183018aaf1ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Last-Modified
Wed, 02 Jun 2021 08:56:56 GMT
Server
nginx
ETag
"60b747d8-169d"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
5789
Expires
Thu, 31 Dec 2037 23:55:55 GMT
W-21mpycjgt80j.js
pushfire.io/pusherjs/
30 KB
6 KB
Script
General
Full URL
https://pushfire.io/pusherjs/W-21mpycjgt80j.js
Requested by
Host: giftclaimsite.com
URL: https://giftclaimsite.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.95.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.95.46.78.clients.your-server.de
Software
nginx / PHP/7.4.33, PleskLin
Resource Hash
7b3760d6b319ea9ce3cc7797e851d1ce200cc75372d47ea9e1ab139928a06fb3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Content-Encoding
br
Server
nginx
X-Powered-By
PHP/7.4.33, PleskLin
Transfer-Encoding
chunked
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
origin, x-requested-with, content-type
landing2-bg.jpg
giftclaimsite.com/images/
207 KB
208 KB
Image
General
Full URL
https://giftclaimsite.com/images/landing2-bg.jpg
Requested by
Host: giftclaimsite.com
URL: https://giftclaimsite.com/style/style6.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.22.102.109 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS
vps-18934-5737.tilaa.cloud
Software
nginx /
Resource Hash
4030ee673dec6c1c1d3bf68ec410b3e1d4ef6731d4cebaf01322a5fa417c7bb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/style/style6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Last-Modified
Wed, 02 Jun 2021 08:56:56 GMT
Server
nginx
ETag
"60b747d8-33dd7"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
212439
Expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://giftclaimsite.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 10:31:18 GMT
x-content-type-options
nosniff
age
151301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 10:31:18 GMT
http.css
21mpycjgt80j.pushfire.io/
18 KB
4 KB
Stylesheet
General
Full URL
https://21mpycjgt80j.pushfire.io/http.css
Requested by
Host: pushfire.io
URL: https://pushfire.io/pusherjs/W-21mpycjgt80j.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.95.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.95.46.78.clients.your-server.de
Software
nginx / PleskLin
Resource Hash
fa35fffe97cdb9798e59d4101677350eb640a9f182d8fe6c213a8690f52b4f40

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Content-Encoding
br
Last-Modified
Wed, 17 Apr 2019 07:31:30 GMT
Server
nginx
ETag
W/"49ee-586b4dfc4b880"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
origin, x-requested-with, content-type
https-v4.css
21mpycjgt80j.pushfire.io/
9 KB
2 KB
Stylesheet
General
Full URL
https://21mpycjgt80j.pushfire.io/https-v4.css
Requested by
Host: pushfire.io
URL: https://pushfire.io/pusherjs/W-21mpycjgt80j.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.95.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.95.46.78.clients.your-server.de
Software
nginx / PleskLin
Resource Hash
85408eebc3fa565507a9642c0ddb10183cd093af1bb5faef7089a202dafc2326

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Content-Encoding
br
Last-Modified
Wed, 04 Dec 2019 11:52:26 GMT
Server
nginx
ETag
W/"2215-598df724c297e"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
origin, x-requested-with, content-type
pushfire-sw.js
giftclaimsite.com/
80 B
420 B
XHR
General
Full URL
https://giftclaimsite.com/pushfire-sw.js
Requested by
Host: pushfire.io
URL: https://pushfire.io/pusherjs/W-21mpycjgt80j.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.22.102.109 Woerden, Netherlands, ASN196752 (TILAA, NL),
Reverse DNS
vps-18934-5737.tilaa.cloud
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://giftclaimsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 04:32:59 GMT
Last-Modified
Wed, 02 Jun 2021 08:56:38 GMT
Server
nginx
ETag
"60b747c6-50"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
80
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request Cancel
ww25.gvero.qlitrk.com/l/push2exitlink/
Redirect Chain
  • https://gvero.qlitrk.com/l/push2exitlink/Cancel
  • http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
1023 B
2 KB
Document
General
Full URL
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Requested by
Host: pushfire.io
URL: https://pushfire.io/pusherjs/W-21mpycjgt80j.js
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a06fb5779711b7d21f632662b6c9db9c89a17766228cc577441455f4808fb69c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-CH
sec-ch-prefers-color-scheme
Cache-Control
no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Critical-CH
sec-ch-prefers-color-scheme
Date
Thu, 20 Apr 2023 04:33:03 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
Vary
sec-ch-prefers-color-scheme
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_yVBpTExWjiWf38ghG7VeZfinXnamNXMyrQUqjmVH9MOrSLJBNXcxed3HqYk0vAt19hgGh92TnR9aE3UgvsFw8g==

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 20 Apr 2023 04:33:01 GMT
location
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
server
Apache
parking.2.104.3.js
ww25.gvero.qlitrk.com/js/
67 KB
22 KB
Script
General
Full URL
http://ww25.gvero.qlitrk.com/js/parking.2.104.3.js
Requested by
Host: ww25.gvero.qlitrk.com
URL: http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c90a35d3514e7b343bec97f73e62f57b061f2e0715121d9a7b3b4dd330b24125

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Apr 2023 04:33:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Apr 2023 16:29:02 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
_fd
ww25.gvero.qlitrk.com/
4 KB
3 KB
Fetch
General
Full URL
http://ww25.gvero.qlitrk.com/_fd?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Requested by
Host: ww25.gvero.qlitrk.com
URL: http://ww25.gvero.qlitrk.com/js/parking.2.104.3.js
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0495d831c9a6fda3fca7aad469fb9d43b31027dcb2f2035e6d2e7a70f8ebc2f5

Request headers

Accept
application/json
Referer
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.104.3
Date
Thu, 20 Apr 2023 04:33:03 GMT
Content-Encoding
gzip
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: ww25.gvero.qlitrk.com
URL: http://ww25.gvero.qlitrk.com/js/parking.2.104.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
73991d96f56e005c3f63f8945b13a0d66a05b72f9ea0974384aef6704d0cf972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww25.gvero.qlitrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 04:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"5541196816858744750"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Apr 2023 04:33:03 GMT
px.gif
ww25.gvero.qlitrk.com/
42 B
421 B
Image
General
Full URL
http://ww25.gvero.qlitrk.com/px.gif?ch=1&rn=0.1404506869989106
Requested by
Host: ww25.gvero.qlitrk.com
URL: http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Apr 2023 04:33:03 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif
ww25.gvero.qlitrk.com/
42 B
421 B
Image
General
Full URL
http://ww25.gvero.qlitrk.com/px.gif?ch=2&rn=0.1404506869989106
Requested by
Host: ww25.gvero.qlitrk.com
URL: http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Apr 2023 04:33:03 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
cookie.js
partner.googleadservices.com/gampad/
360 B
590 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.gvero.qlitrk.com&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
7bfa4417f713260bd799675e925c895ee64802eb01583889d68f7090e0c403d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://ww25.gvero.qlitrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 04:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
238
x-xss-protection
0
ads
www.google.com/afs/ Frame 7642
6 KB
3 KB
Document
General
Full URL
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol418&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.gvero.qlitrk.com%3Fcaf%26subid1%3D20230420-1433-01cb-8c23-7efb229d0fea&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=3131681965183515&num=0&output=afd_ads&domain_name=ww25.gvero.qlitrk.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681965183516&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww25.gvero.qlitrk.com%2Fl%2Fpush2exitlink%2FCancel%3Fsubid1%3D20230420-1433-01cb-8c23-7efb229d0fea&adbw=master-1%3A1584
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
87ec6508905783cb2ef043a3d0c78ac73aee4c3ed88c37570a400b78b74d56a1
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-6HBWDDW7ZD4J7RPFTNAfew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://ww25.gvero.qlitrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2129
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-6HBWDDW7ZD4J7RPFTNAfew' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 20 Apr 2023 04:33:03 GMT
expires
Thu, 20 Apr 2023 04:33:03 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
caf.js
www.google.com/adsense/domains/ Frame 7642
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol418&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.gvero.qlitrk.com%3Fcaf%26subid1%3D20230420-1433-01cb-8c23-7efb229d0fea&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=3131681965183515&num=0&output=afd_ads&domain_name=ww25.gvero.qlitrk.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681965183516&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww25.gvero.qlitrk.com%2Fl%2Fpush2exitlink%2FCancel%3Fsubid1%3D20230420-1433-01cb-8c23-7efb229d0fea&adbw=master-1%3A1584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
163f292316ed47971ae43c8925b9e78aad5c227505271b58ff9f35890e18493a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 04:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"14285691363788620456"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Apr 2023 04:33:03 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 7642
200 B
700 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol418&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.gvero.qlitrk.com%3Fcaf%26subid1%3D20230420-1433-01cb-8c23-7efb229d0fea&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=3131681965183515&num=0&output=afd_ads&domain_name=ww25.gvero.qlitrk.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681965183516&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww25.gvero.qlitrk.com%2Fl%2Fpush2exitlink%2FCancel%3Fsubid1%3D20230420-1433-01cb-8c23-7efb229d0fea&adbw=master-1%3A1584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 01:01:24 GMT
age
12699
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Fri, 21 Apr 2023 00:01:24 GMT
call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 7642
444 B
393 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol418&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.gvero.qlitrk.com%3Fcaf%26subid1%3D20230420-1433-01cb-8c23-7efb229d0fea&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=3131681965183515&num=0&output=afd_ads&domain_name=ww25.gvero.qlitrk.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681965183516&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww25.gvero.qlitrk.com%2Fl%2Fpush2exitlink%2FCancel%3Fsubid1%3D20230420-1433-01cb-8c23-7efb229d0fea&adbw=master-1%3A1584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 00:56:53 GMT
age
12970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Thu, 20 Apr 2023 23:56:53 GMT
_tr
ww25.gvero.qlitrk.com/
2 B
0
Fetch
General
Full URL
http://ww25.gvero.qlitrk.com/_tr
Requested by
Host: ww25.gvero.qlitrk.com
URL: http://ww25.gvero.qlitrk.com/js/parking.2.104.3.js
Protocol
HTTP/1.1
Server
199.59.243.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
application/json
Referer
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.104.3
Date
Thu, 20 Apr 2023 04:33:04 GMT
Content-Encoding
gzip
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| park object| regeneratorRuntime function| setImmediate function| clearImmediate

2 Cookies

Domain/Path Name / Value
gvero.qlitrk.com/l/push2exitlink Name: __tad
Value: 1681965181.1119645
ww25.gvero.qlitrk.com/ Name: parking_session
Value: 5f5d11e7-840e-dc12-8a76-259eedba2297

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21mpycjgt80j.pushfire.io
afs.googleusercontent.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
giftclaimsite.com
gvero.qlitrk.com
partner.googleadservices.com
pushfire.io
ww25.gvero.qlitrk.com
www.google.com
103.224.182.253
199.59.243.223
2a00:1450:4001:806::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
78.46.95.125
84.22.102.109
0495d831c9a6fda3fca7aad469fb9d43b31027dcb2f2035e6d2e7a70f8ebc2f5
163f292316ed47971ae43c8925b9e78aad5c227505271b58ff9f35890e18493a
4030ee673dec6c1c1d3bf68ec410b3e1d4ef6731d4cebaf01322a5fa417c7bb5
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
73991d96f56e005c3f63f8945b13a0d66a05b72f9ea0974384aef6704d0cf972
7b3760d6b319ea9ce3cc7797e851d1ce200cc75372d47ea9e1ab139928a06fb3
7bfa4417f713260bd799675e925c895ee64802eb01583889d68f7090e0c403d2
85408eebc3fa565507a9642c0ddb10183cd093af1bb5faef7089a202dafc2326
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87ec6508905783cb2ef043a3d0c78ac73aee4c3ed88c37570a400b78b74d56a1
8aad4d256350048dd4e1037d081240ecacd5e7911e6f28cb956b79441cdad97a
a06fb5779711b7d21f632662b6c9db9c89a17766228cc577441455f4808fb69c
bbb29244697c7fbb71da96d1c301b738fd60a320c8205bf222d654fb67c40851
c90a35d3514e7b343bec97f73e62f57b061f2e0715121d9a7b3b4dd330b24125
d1d1088d95184cea96ea37cf4c6fcc005975823108e20de7c790098bb141e7a2
d6abd61b5a1aa6294a8519d736a83b1efda148725a28d55287be183018aaf1ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa35fffe97cdb9798e59d4101677350eb640a9f182d8fe6c213a8690f52b4f40