Submitted URL: http://r20.rs6.net/tn.jsp?f=0014C8kWy-jwbXwifrC2UuIqsAQIbw7jIqO8wqsmEr0RSi3qbXCD47Qr-qlaprwusgPXC0aZf9hZqt0Ob91B2uk...
Effective URL: https://a.pgtb.me/Gf4s0F
Submission: On July 21 via manual from US

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 16 HTTP transactions. The main IP is 52.3.182.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is a.pgtb.me.
TLS certificate: Issued by Amazon on January 8th 2020. Valid for: a year.
This is the only time a.pgtb.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 d2xcq4qphg1ge9.cloudfront.net a.pgtb.me
ajax.googleapis.com
4 fonts.gstatic.com ajax.googleapis.com
2 ssl.google-analytics.com 1 redirects a.pgtb.me
2 fonts.googleapis.com a.pgtb.me
1 www.google.de a.pgtb.me
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 ajax.googleapis.com a.pgtb.me
1 a.pgtb.me
1 r20.rs6.net 1 redirects
16 10

This site contains no links.

Subject Issuer Validity Valid
*.pgtb.me
Amazon
2020-01-08 -
2021-02-08
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-06-30 -
2020-09-22
3 months crt.sh
www.google.de
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://a.pgtb.me/Gf4s0F
Frame ID: 0870DBEDEF13CB791609A66E370441D8
Requests: 16 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://r20.rs6.net/tn.jsp?f=0014C8kWy-jwbXwifrC2UuIqsAQIbw7jIqO8wqsmEr0RSi3qbXCD47Qr-qlaprwusgP... HTTP 302
    https://a.pgtb.me/Gf4s0F Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

7
IPs

3
Countries

2209 kB
Transfer

2544 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r20.rs6.net/tn.jsp?f=0014C8kWy-jwbXwifrC2UuIqsAQIbw7jIqO8wqsmEr0RSi3qbXCD47Qr-qlaprwusgPXC0aZf9hZqt0Ob91B2uk0ZAtJBGjDHiDdojyIW3gsyzv7qK5IWzGAwYeMYqcxOn5exNha33EIhaMUGDkH0Ce3Q==&c=Jk_dGSBhA4GI9fSrX72WVH2MvMBwP3Sa8x0TORKC4R8k7xImwlRYRQ==&ch=niimy97EIwjaaiVqSfLJLiWUSdpy9eAVn1S8pDBKgLEgTmVfPalqMA== HTTP 302
    https://a.pgtb.me/Gf4s0F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=634762411&utmhn=a.pgtb.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T%26E%20-%20The%20Cat%C2%AE%20Rental%20Store%20Sweepstakes&utmhid=2083041283&utmr=-&utmp=%2Ft_26e____crs_sweepstakes&utmht=1595339479216&utmac=UA-31008602-174&utmcc=__utma%3D1.123577838.1595339479.1595339479.1595339479.1%3B%2B__utmz%3D1.1595339479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=205027831&utmredir=1&utmu=qhSAAABAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411&slf_rd=1&random=1673208560

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Gf4s0F
a.pgtb.me/
Redirect Chain
  • http://r20.rs6.net/tn.jsp?f=0014C8kWy-jwbXwifrC2UuIqsAQIbw7jIqO8wqsmEr0RSi3qbXCD47Qr-qlaprwusgPXC0aZf9hZqt0Ob91B2uk0ZAtJBGjDHiDdojyIW3gsyzv7qK5IWzGAwYeMYqcxOn5exNha33EIhaMUGDkH0Ce3Q==&c=Jk_dGSBhA4G...
  • https://a.pgtb.me/Gf4s0F
57 KB
19 KB
Document
General
Full URL
https://a.pgtb.me/Gf4s0F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.182.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-182-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9fbc8e3991cd3812c00d12a3f58eebfaf5641f7d9e0d307de19a2c4d6e9dce83
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src * data:; font-src * data:; frame-ancestors 'none'; frame-src * blob:; img-src * data: blob:; media-src * data: blob:; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-eval' data:; style-src * 'unsafe-inline'; report-uri https://shortstack.report-uri.com/r/d/csp/reportOnly; worker-src * blob:;

Request headers

:method
GET
:authority
a.pgtb.me
:scheme
https
:path
/Gf4s0F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200 200 OK
date
Tue, 21 Jul 2020 13:51:18 GMT
content-type
text/html; charset=utf-8
server
nginx
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-security-policy
default-src *; connect-src * data:; font-src * data:; frame-ancestors 'none'; frame-src * blob:; img-src * data: blob:; media-src * data: blob:; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-eval' data:; style-src * 'unsafe-inline'; report-uri https://shortstack.report-uri.com/r/d/csp/reportOnly; worker-src * blob:;
x-runtime
84
cache-control
private, max-age=0, must-revalidate
set-cookie
_server_session=BAh7BzoPc2Vzc2lvbl9pZCIlNDYxNzk5MDZmYjJlMzAzNTg5NGViZDE5NzUwOWI4NWE6EF9jc3JmX3Rva2VuSSIxL3ROeFVhL2h0K1JuaXBIYXY2UWtKbmJhWGNFM2V2SzBzODZkVE9WVEFEND0GOgZFRg%3D%3D--744663fb11ffa68228d3c2b7509bca982ddd597c; domain=pgtb.me; path=/; secure; HttpOnly
content-encoding
gzip

Redirect headers

Date
Tue, 21 Jul 2020 13:51:17 GMT
Server
Apache
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Location
https://a.pgtb.me/Gf4s0F
Content-Length
0
Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma
no-cache
Connection
close
Content-Type
text/html;charset=ISO-8859-1
styles.css
d2xcq4qphg1ge9.cloudfront.net/fonts/ss-icon/20200415/
17 KB
17 KB
Stylesheet
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/fonts/ss-icon/20200415/styles.css
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b5a5abf03a274e1fd610fca2fa1d08a2eadbe701e1f8930e7f5c9de0400866a

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:08:23 GMT
Via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 May 2020 17:40:21 GMT
Server
AmazonS3
Age
45776
ETag
"2dc02f1c24fd3c5f36b0a001d0f2fb4e"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
17302
X-Amz-Cf-Id
4QC1j4bpyOE6XkIhaFuMCWX7sZBU7qOK2ZaC8SFiqtTv9D8yoT0Png==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.0/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 13:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3459002
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29478
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jun 2021 13:01:16 GMT
tabserving_v2.js
d2xcq4qphg1ge9.cloudfront.net/javascript/tabserving/20200712/
285 KB
79 KB
Script
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/javascript/tabserving/20200712/tabserving_v2.js
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a58c5d656fb6f8d7640067850272933076f69bf6107462e06e2060b9e55d54c0

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 12 Jul 2020 21:07:14 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sun, 12 Jul 2020 21:05:17 GMT
Server
AmazonS3
Age
751445
ETag
"e6f59ff426de61658da28c46d088474f"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
80276
X-Amz-Cf-Id
n9_uIOvFZNO-wMFuIpdoUUhfvONts5wjK2ECi65_8a3lMhCl6ATXNw==
pubnub.js
d2xcq4qphg1ge9.cloudfront.net/javascript/
188 KB
188 KB
Script
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/javascript/pubnub.js
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fbe41059c8acdbcbddfc0dcd6b3478252c6b04c33f053809f961d00b632243c

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 00:42:46 GMT
Via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Aug 2018 17:42:13 GMT
Server
AmazonS3
Age
47313
ETag
"16bed4578eba98069c0b5f3718f26b24"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
192199
X-Amz-Cf-Id
MzdX4iGiFyFHC9wnKw6xqpw1DqkfFgFtOxNZGkPdesP7CEOPsFRIRA==
6182399_207271_1584029725.css
d2xcq4qphg1ge9.cloudfront.net/themes/213622/campaign/
43 KB
43 KB
Stylesheet
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/themes/213622/campaign/6182399_207271_1584029725.css
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8d406c537cf8fe88b43163f2dd7486d970bf3fe700503429ac4ecc593f143bc

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 13:51:19 GMT
Via
1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
Last-Modified
Thu, 12 Mar 2020 16:17:52 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"e77ddd8b71ec15a2068cd667c18cea4f"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43654
X-Amz-Cf-Id
OL6t1waL8qy4jrjFudJsh3wcWCCCB7otwL-N775UTgQK5qK3D1jTnw==
original_4.png
d2xcq4qphg1ge9.cloudfront.net/assets/213622/3818459/
2 MB
2 MB
Image
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/assets/213622/3818459/original_4.png
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b131765d3533ad6858d5a29ad8d872c703340e0756509e109446687168c7e2d1

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 13:51:19 GMT
Via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 25 Jun 2020 18:50:51 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"e2e64e0a6896d9c6a86cdcc31dca2337"
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1761180
X-Amz-Cf-Id
utcHIr-5Fu-K2q0K26qkGeynl658EZFM7Nm5tL8Uh2AfKhc5aX24JA==
css
fonts.googleapis.com/
10 KB
896 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51cb1b5c4d97d917400c763e01eea00d48668a80b19e68c1a3c6e9fe44617265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Jul 2020 13:47:13 GMT
server
ESF
date
Tue, 21 Jul 2020 13:51:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Jul 2020 13:51:18 GMT
css
fonts.googleapis.com/
4 KB
698 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Jul 2020 12:38:10 GMT
server
ESF
date
Tue, 21 Jul 2020 13:51:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Jul 2020 13:51:18 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4478
date
Tue, 21 Jul 2020 12:36:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 21 Jul 2020 14:36:40 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800
Origin
https://a.pgtb.me

Response headers

date
Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
3458874
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:24 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800
Origin
https://a.pgtb.me

Response headers

date
Thu, 09 Jul 2020 00:04:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
1086404
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Fri, 09 Jul 2021 00:04:34 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800
Origin
https://a.pgtb.me

Response headers

date
Tue, 14 Jul 2020 15:32:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
598703
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 14 Jul 2021 15:32:55 GMT
ss-icon.woff2
d2xcq4qphg1ge9.cloudfront.net/fonts/ss-icon/20200415/
58 KB
59 KB
Font
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/fonts/ss-icon/20200415/ss-icon.woff2?m0x2wx
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59f64ed4c8f479e9978299c997a72367d53bd8d496732fb9053e350b7575357

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://d2xcq4qphg1ge9.cloudfront.net/fonts/ss-icon/20200415/styles.css
Origin
https://a.pgtb.me

Response headers

Date
Tue, 21 Jul 2020 03:03:48 GMT
Via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
Age
38852
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
59448
Last-Modified
Thu, 14 May 2020 17:40:22 GMT
Server
AmazonS3
ETag
"15983e18aaaef637ea195fb6d1b36072"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
0CGJEuT9hbckN82kIiyDUfpzC18EV_07EmTxm9p3-jj5MhnAHA6BjQ==
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800
Origin
https://a.pgtb.me

Response headers

date
Tue, 21 Jul 2020 12:37:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:53 GMT
server
sffe
age
4446
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9192
x-xss-protection
0
expires
Wed, 21 Jul 2021 12:37:12 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=634762411&utmhn=a.pgtb.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T%26E%20-%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411&slf_rd=1&random=1673208560
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411&slf_rd=1&random=1673208560
Requested by
Host: a.pgtb.me
URL: https://a.pgtb.me/Gf4s0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.pgtb.me/Gf4s0F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 13:51:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Jul 2020 13:51:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31008602-174&cid=123577838.1595339479&jid=205027831&_v=5.7.2&z=634762411&slf_rd=1&random=1673208560
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| swfobject function| Boxy function| ss_alert function| ss_image_zoom function| ss_image_zoom2 function| ss_facebook_showChoice function| ss_facebook_showMessage function| ss_show_widget function| ss_comment function| ss_share function| ss_share_ajax function| ss_share_prompt function| ss_activate_videos function| ss_fetch_video function| ss_init_tn3gallery function| ss_tiler function| ss_newsletter_popup function| ss_poll_vote function| ss_poll_animate function| ss_poll_showPoll function| ss_poll_showResults function| ss_gift_popup function| ss_gift_select function| ss_gift_submit function| ss_show_iframe function| ss_iframe_popup function| ss_requests_popup object| Modernizr function| yepnope object| SST function| isAttributeSet function| _ajaxMsgOpen function| _ajaxMsgClose function| EventEmitter object| eventie function| imagesLoaded function| PubNub object| widget_82624340 object| widget_82624341 object| widget_82624343 string| rich_text_contents object| widget_82624342 object| widget_82624339 object| widget_82624345 object| widget_82624344 object| widget_82624346 object| widget_82624348 object| widget_82624349 object| widget_lookup object| tab_config function| loadJS object| _gaq string| ua object| _gat object| gaGlobal

5 Cookies

Domain/Path Name / Value
a.pgtb.me/ Name: __utmb
Value: 1.1.10.1595339479
a.pgtb.me/ Name: __utmt
Value: 1
a.pgtb.me/ Name: __utmz
Value: 1.1595339479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
a.pgtb.me/ Name: __utmc
Value: 1
a.pgtb.me/ Name: __utma
Value: 1.123577838.1595339479.1595339479.1595339479.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; connect-src * data:; font-src * data:; frame-ancestors 'none'; frame-src * blob:; img-src * data: blob:; media-src * data: blob:; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline' 'unsafe-eval' data:; style-src * 'unsafe-inline'; report-uri https://shortstack.report-uri.com/r/d/csp/reportOnly; worker-src * blob:;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pgtb.me
ajax.googleapis.com
d2xcq4qphg1ge9.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
r20.rs6.net
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
13.35.253.74
208.75.122.11
2a00:1450:4001:817::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81b::2008
2a00:1450:4001:81c::2004
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9d
52.3.182.147
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
0b5a5abf03a274e1fd610fca2fa1d08a2eadbe701e1f8930e7f5c9de0400866a
0fbe41059c8acdbcbddfc0dcd6b3478252c6b04c33f053809f961d00b632243c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
51cb1b5c4d97d917400c763e01eea00d48668a80b19e68c1a3c6e9fe44617265
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
9fbc8e3991cd3812c00d12a3f58eebfaf5641f7d9e0d307de19a2c4d6e9dce83
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a58c5d656fb6f8d7640067850272933076f69bf6107462e06e2060b9e55d54c0
b131765d3533ad6858d5a29ad8d872c703340e0756509e109446687168c7e2d1
b8d406c537cf8fe88b43163f2dd7486d970bf3fe700503429ac4ecc593f143bc
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
e59f64ed4c8f479e9978299c997a72367d53bd8d496732fb9053e350b7575357
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d