URL: https://amazon-giveaway.vqmjc.cc/
Submission Tags: @phishunt_io
Submission: On September 24 via api from DE — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 29 HTTP transactions. The main IP is 172.67.196.180, located in United States and belongs to CLOUDFLARENET, US. The main domain is amazon-giveaway.vqmjc.cc.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.
This is the only time amazon-giveaway.vqmjc.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 | 172.67.196.180 | 13335 | (CLOUDFLAR...)
5 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2606:4700:10:... | 13335 | (CLOUDFLAR...)
7 (1 redirect) | 3.220.152.205 | 14618 | (AMAZON-AES)
2 | 2600:9000:223... | 16509 | (AMAZON-02)
1 | 172.217.16.202 | 15169 | (GOOGLE)
2 | 34.117.59.81 | 396982 | (GOOGLE-CL...)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
4 | 52.22.142.87 | 14618 | (AMAZON-AES)
1 | 13.32.23.225 | 16509 | (AMAZON-02)
Total: 29 requests, 11 IPs

Requests | Apex Domain | Subdomains | Transfer
9 | trustedform.com | api.trustedform.com (Cisco Umbrella Rank: 27869); cdn.trustedform.com (Cisco Umbrella Rank: 32928) | 45 KB
6 | googleapis.com | maps.googleapis.com (Cisco Umbrella Rank: 465) | 269 KB
5 | vqmjc.cc | amazon-giveaway.vqmjc.cc | 148 KB
4 | leadid.com | create.leadid.com (Cisco Umbrella Rank: 15799) | 2 KB
2 | gstatic.com | maps.gstatic.com | 5 KB
2 | ipinfo.io | ipinfo.io (Cisco Umbrella Rank: 7134) | 319 B
1 | cloudfront.net | d2m2wsoho8qq12.cloudfront.net |
1 | lidstatic.com | create.lidstatic.com (Cisco Umbrella Rank: 25553) | 39 KB
0 | Failed
Total: 29 requests, 9 apex domains

Requests | Domain | Requested by
7 (1 redirects) | api.trustedform.com | api.trustedform.com, cdn.trustedform.com
6 | maps.googleapis.com | amazon-giveaway.vqmjc.cc, maps.googleapis.com
5 | amazon-giveaway.vqmjc.cc | amazon-giveaway.vqmjc.cc
4 | create.leadid.com | create.lidstatic.com
2 | maps.gstatic.com | amazon-giveaway.vqmjc.cc
2 | ipinfo.io | amazon-giveaway.vqmjc.cc
2 | cdn.trustedform.com | amazon-giveaway.vqmjc.cc, api.trustedform.com
1 | d2m2wsoho8qq12.cloudfront.net | create.lidstatic.com
1 | create.lidstatic.com | amazon-giveaway.vqmjc.cc
0 | truncated | Failed
Total: 29 requests, 10 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
vqmjc.cc | WE1 | 2024-09-05 - 2024-12-04 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
lidstatic.com | E6 | 2024-09-20 - 2024-12-19 | 3 months
ipinfo.io | R11 | 2024-08-17 - 2024-11-15 | 3 months
*.gstatic.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
create.leadid.com | Amazon RSA 2048 M03 | 2024-07-20 - 2025-08-18 | a year
*.trustedform.com | Amazon RSA 2048 M02 | 2024-07-10 - 2025-08-06 | a year
cdn.trustedform.com | Amazon RSA 2048 M03 | 2024-02-13 - 2025-03-13 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year

This page contains 2 frames:

Primary Page: https://amazon-giveaway.vqmjc.cc/
Frame ID: 0551F52F2E3A9F41E1DA26C7E8F5AE9B
Requests: 29 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5A09E1B1-84FE-6BC1-6932-B03B15C8668C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=53D4F5C5-8EF1-74F8-1EFE-4979B425445F&lac=3B247612-D2EC-9ED4-57EB-5034152E2124
Frame ID: C085773706409DD415F003E2C8973E03
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

29
Requests

97 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

509 kB
Transfer

1697 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
amazon-giveaway.vqmjc.cc/
2 KB
1 KB
Document
General
Full URL
https://amazon-giveaway.vqmjc.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2968e0df43a1182b7948fff734d6a202ffce339b007fcc822e6ac03a728b1f50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c85b7f78e68d2a5-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Tue, 24 Sep 2024 21:03:00 GMT
last-modified
Tue, 24 Sep 2024 21:12:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCQQIU0oBvs0Ve58EqEq79fwuRFmFckWhS5FYwuJW%2FsUaXUm0cEZjT6Vida5IFtkAnBxQYqAbosFB2QQ%2FhLAe5l4DrIv%2BFtYrgmmECtjg34M6Ig8shQgJsGAMqZi2CEqwxTavNU%2BBy8LM2g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
js
maps.googleapis.com/maps/api/
345 KB
111 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBBalfcMGTRGRdbeJT2LGvAjxQSRfCPtLQ&libraries=places
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1ebbbce7a4a199f8236b9f5de1fbd4d29de399b6017f87544bb392306c4e527c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

cache-control
public, max-age=1800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113602
date
Tue, 24 Sep 2024 21:03:00 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
index-Cc-gV9Jc.js
amazon-giveaway.vqmjc.cc/assets/
229 KB
85 KB
Script
General
Full URL
https://amazon-giveaway.vqmjc.cc/assets/index-Cc-gV9Jc.js
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8e32c34f3326a3f6c474a54d11d9167139875f1e7a45fbaeff580a1e51ad7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://amazon-giveaway.vqmjc.cc
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDt7OFRiw3%2Fs8pAM6PLqwxCckc%2FOOTcvudM1QN3C767ssl4lJAdYgJ41lwi3uo2%2BT32owOD%2BZIzkVRbNsyZCmoiE6GbuYYTD0SB722yq7Xb0i9uta1AFeC8MAU0bghjLQO7aMFoPx1BXZTE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c85b7f99de1d2a5-FRA
expires
Tue, 01 Oct 2024 09:44:51 GMT
date
Tue, 24 Sep 2024 21:03:00 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 21:12:00 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
index-0DpEMNU9.css
amazon-giveaway.vqmjc.cc/assets/
235 KB
35 KB
Stylesheet
General
Full URL
https://amazon-giveaway.vqmjc.cc/assets/index-0DpEMNU9.css
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fee7f73da027a56213045a335f2b46cfa1f91ce8ae884272608b53a9b8fb99
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://amazon-giveaway.vqmjc.cc
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAuZqTkLkJsZWKUiFsYuUO6h5thvE8jYm2zK1hEetDYYxKppAaqaQ6lBmNE7jvQ1s1BC%2Bu7Yp4aWdX%2FH2xlO2yR%2F%2FQS3Qh5hTBRPdjravuqJgTlRH0M9%2BvL4T70bZWf4nuclyYb%2FDAlZGBE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c85b7f99de3d2a5-FRA
expires
Tue, 01 Oct 2024 09:44:51 GMT
date
Tue, 24 Sep 2024 21:03:00 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Tue, 24 Sep 2024 21:12:00 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
53d4f5c5-8ef1-74f8-1efe-4979b425445f.js
create.lidstatic.com/campaign/
121 KB
39 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/53d4f5c5-8ef1-74f8-1efe-4979b425445f.js?snippet_version=2&callback=myCallbackFunction
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c97ac12d7ef77eca7f2ca15c9f232deecb073bccd0093e8fb2f00e92e009a6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"16c5509c4eb19d32fbbab80a113ef028"
x-amz-version-id
jYF5.XMJ9rHUVcWWaQH2Bn2udqjvg4Qb
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
text/javascript
last-modified
Mon, 23 Sep 2024 01:38:36 GMT
vary
Accept-Encoding
x-amz-id-2
Jj/oS9jzY14USe2TcOPj+MzJhXBxGi2zM1ODxo88Ru0gaNgelfQnu8HZSkeoPtMlfW05VMr7WI/gWpcXtFJd504PVYc0WFaXHWs300xilHg=
x-amz-replication-status
COMPLETED
cache-control
max-age=1800
x-amz-request-id
HMFE4KFSTFGHD6AE
cf-ray
8c85b7fa1f3e18bf-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366
  • https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366
16 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H2
Server
2600:9000:223d:e200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb8b05089b753663acfc4e99d629a52b3e24820fc15278ffe083096d2d56f09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

x-amz-cf-pop
FRA56-P3
content-encoding
gzip
x-amz-version-id
Zi0t0xxZO4o3vJw_BYLnfUU1uwFoytrz
etag
W/"b3bc785786206e7500d411bc5be1ffa5"
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
QSV4KLHV_b81rRfw4hW67NzNNRQ-GayGFPvKirfUYKfB8wFWul9d8g==
date
Tue, 24 Sep 2024 21:03:01 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 18:27:04 GMT

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366
content-length
134
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
text/html
server
awselb/2.0
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBBalfcMGTRGRdbeJT2LGvAjxQSRfCPtLQ&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://amazon-giveaway.vqmjc.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Tue, 24 Sep 2024 21:03:00 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
json
ipinfo.io/ Frame
0
0
Preflight
General
Full URL
https://ipinfo.io/json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-methods,access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://amazon-giveaway.vqmjc.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-methods,access-control-allow-origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 21:03:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Access-Control-Request-Headers
via
1.1 google
json
ipinfo.io/
306 B
319 B
XHR
General
Full URL
https://ipinfo.io/json
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/assets/index-Cc-gV9Jc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
c6bb01502845daa49d0a64bc3c340229ec4abc5dfceaba22301b708067114299
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Access-Control-Allow-Origin
*
Referer
https://amazon-giveaway.vqmjc.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Access-Control-Allow-Methods
GET, POST, OPTIONS

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
common.js
maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/
290 KB
62 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBBalfcMGTRGRdbeJT2LGvAjxQSRfCPtLQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5429b4bcccff1c14512e3a89ba113d37b40a86dc1becf79bfb03de4ffe83d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

content-encoding
br
age
13635
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 17:15:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 17:15:45 GMT
last-modified
Mon, 23 Sep 2024 19:56:46 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
63892
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/
181 KB
55 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBBalfcMGTRGRdbeJT2LGvAjxQSRfCPtLQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c307ccddf04791f0e53632bf0931b34025e3ca0fee1425de0c60738f1de195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

content-encoding
br
age
13635
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 17:15:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 17:15:45 GMT
last-modified
Mon, 23 Sep 2024 19:56:46 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56178
x-xss-protection
0
server
sffe
controls.js
maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/
99 KB
26 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBBalfcMGTRGRdbeJT2LGvAjxQSRfCPtLQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
398c4e66cc796c7cc517d6fbe2f9374e47c4943e45fbd39e58747056e9356c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

content-encoding
br
age
13634
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 17:15:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 17:15:46 GMT
last-modified
Mon, 23 Sep 2024 19:56:46 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
26630
x-xss-protection
0
server
sffe
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/
47 KB
14 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/6/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBBalfcMGTRGRdbeJT2LGvAjxQSRfCPtLQ&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfb9d4e09ef452e66759caf3c8b1ad5c689aab8b599fbfa0fa6203c92451f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

content-encoding
br
age
13634
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 17:15:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 17:15:46 GMT
last-modified
Mon, 23 Sep 2024 19:56:46 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
14366
x-xss-protection
0
server
sffe
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f71719cca66f1f3bb3457d0fb68db24b4bcb8e91c87c48674487f1b5e874921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
amazon-BbIFZh_X.webp
amazon-giveaway.vqmjc.cc/assets/
19 KB
20 KB
Image
General
Full URL
https://amazon-giveaway.vqmjc.cc/assets/amazon-BbIFZh_X.webp
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f0dfb9847945d27aa8c5e4e704cca28e39ce0275a2d125fd045df845bda748
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=th2iPpKXhezCQ4OpchXY86HPUqLUrroblHQXewXsQUcYv4XgpXL3ssAsH76EeQoSrDznLy4bdt915P7GvGUjWYiMlE5O06wFHNLMSGGPZRjC0bT5JtSPXmGqvvMqeN%2Fzgc21AwJ7XBo7hQA%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 01 Oct 2024 09:44:23 GMT
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 21:12:00 GMT
vary
User-Agent, Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c85b7fcc8bed2a5-FRA
accept-ranges
bytes
content-length
19694
x-turbo-charged-by
LiteSpeed
server
cloudflare
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 21:03:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 19:15:00 GMT
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
content-length
1616
x-xss-protection
0
server
sffe
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
4 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: amazon-giveaway.vqmjc.cc
URL: https://amazon-giveaway.vqmjc.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 21:03:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 19:15:00 GMT
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
content-length
3351
x-xss-protection
0
server
sffe
GenerateToken
create.leadid.com/2.15.0/
36 B
658 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/GenerateToken?msn=1&pid=3718cbe0-1512-48e4-acd7-97d2d1a325df&_=59056033
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/53d4f5c5-8ef1-74f8-1efe-4979b425445f.js?snippet_version=2&callback=myCallbackFunction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-142-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7ca30fea196a8d61d6933c9a2a89a0229d285d755947fbc427111870cf95fd5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Sep 2024 21:03:01 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
certs
api.trustedform.com/
474 B
685 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.152.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-152-205.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
405662824afd666435ff5b57d5f9e1fcc1395dbe78ae3770d1404db2bf936db6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
474
date
Tue, 24 Sep 2024 21:03:01 GMT
content-type
application/json; charset=utf-8
server
Cowboy
logo.png
amazon-giveaway.vqmjc.cc/
6 KB
7 KB
Other
General
Full URL
https://amazon-giveaway.vqmjc.cc/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d931436c5eae52f3f055cf84fd3443f35ad31461501703373bd616127733f55
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fde2bfV1yVMPwTyQlKhds4EOqgrjDy6I2D8sn2ejbFKgO68ARJJ0U1tfmOUjWU4x2Y%2FKCFdm%2Baik6Bl4fsOzqdvuH9%2FyhRKx9uxWkAGV%2FswpoCPH03sNFC2t6w8sOoDyQ0FpxNHPgKwaokQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 01 Oct 2024 09:44:24 GMT
date
Tue, 24 Sep 2024 21:03:00 GMT
content-type
image/png
last-modified
Fri, 20 Sep 2024 17:49:48 GMT
vary
User-Agent, Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c85b7fe7e82d2a5-FRA
accept-ranges
bytes
content-length
6383
x-turbo-charged-by
LiteSpeed
server
cloudflare
trustedform-1.9.25.js
cdn.trustedform.com/
98 KB
37 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.9.25.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17272117800870.7777351393598366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:e200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d5f1c0a62589e130e1df06260f2baddff459fee615183fe457009f097fa9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

x-amz-cf-pop
FRA56-P3
content-encoding
gzip
x-amz-version-id
th1QTntZ0kkfxgBAyYad3OuQZtjnDdbF
etag
W/"e5efb6170f403c834bc84b1d77f73d94"
age
29
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
DeNq5lZPA3BRhDhKy69PX43uE3wxhRRvbZPA1cOChMgiJ4tLIzng1g==
date
Tue, 24 Sep 2024 21:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 18:27:04 GMT
truncated
/ Frame
0
0

snapshot
api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.152.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-152-205.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Sep 2024 21:03:01 GMT
server
Cowboy
access-control-allow-credentials
true
events
api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/
0
159 B
Ping
General
Full URL
https://api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.152.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-152-205.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Sep 2024 21:03:01 GMT
server
Cowboy
access-control-allow-credentials
true
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame C085
0
0
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5A09E1B1-84FE-6BC1-6932-B03B15C8668C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=53D4F5C5-8EF1-74F8-1EFE-4979B425445F&lac=3B247612-D2EC-9ED4-57EB-5034152E2124
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/53d4f5c5-8ef1-74f8-1efe-4979b425445f.js?snippet_version=2&callback=myCallbackFunction
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-225.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://amazon-giveaway.vqmjc.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
50373
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 24 Sep 2024 07:03:29 GMT
Etag
W/"668f4bcd-dbb"
Last-Modified
Thu, 11 Jul 2024 03:04:45 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
X-Amz-Cf-Id
2CfNnZ2LfuchW00vV_O70sl6R0pNyaKYwK0LY06KKBJYVR3I7kf-kA==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.15.0/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/SaveDom?msn=2&pid=3718cbe0-1512-48e4-acd7-97d2d1a325df&token=5A09E1B1-84FE-6BC1-6932-B03B15C8668C&_=59056034
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/53d4f5c5-8ef1-74f8-1efe-4979b425445f.js?snippet_version=2&callback=myCallbackFunction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-142-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Sep 2024 21:03:01 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
InitFormData
create.leadid.com/2.15.0/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/InitFormData?msn=3&pid=3718cbe0-1512-48e4-acd7-97d2d1a325df&token=5A09E1B1-84FE-6BC1-6932-B03B15C8668C&_=59056035
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/53d4f5c5-8ef1-74f8-1efe-4979b425445f.js?snippet_version=2&callback=myCallbackFunction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-142-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Sep 2024 21:03:01 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
events
api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/
0
159 B
Ping
General
Full URL
https://api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.152.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-152-205.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Sep 2024 21:03:01 GMT
server
Cowboy
access-control-allow-credentials
true
events
api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.152.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-152-205.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Sep 2024 21:03:02 GMT
server
Cowboy
access-control-allow-credentials
true
Snap
create.leadid.com/2.15.0/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/Snap?msn=4&pid=3718cbe0-1512-48e4-acd7-97d2d1a325df&token=5A09E1B1-84FE-6BC1-6932-B03B15C8668C&_=59056036
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/53d4f5c5-8ef1-74f8-1efe-4979b425445f.js?snippet_version=2&callback=myCallbackFunction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.142.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-142-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Sep 2024 21:03:02 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
events
api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/276db30467da640daa1548161a4347c9540ecd5c/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.220.152.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-152-205.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://amazon-giveaway.vqmjc.cc/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Sep 2024 21:03:02 GMT
server
Cowboy
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| leadid
function| myCallbackFunction
object| google
object| litHtmlVersions
object| module$exports$mapsapi$geometry$spherical
object| litElementVersions
object| reactiveElementVersions
object| module$contents$mapsapi$overlay$overlayView_OverlayView
number| uidEvent
object| __VUE_INSTANCE_SETTERS__
object| __VUE_SSR_SETTERS__
boolean| __VUE__
object| __e3_
object| LeadiD
object| trustedForm
function| trustedFormStartRecording
function| trustedFormStopRecording
object| regeneratorRuntime
function| trustedFormNext
string| id
object| defaultStyleFrame

5 Cookies

Domain/Path Name / Value
amazon-giveaway.vqmjc.cc/ Name: leadid_token-3B247612-D2EC-9ED4-57EB-5034152E2124-53D4F5C5-8EF1-74F8-1EFE-4979B425445F
Value: 5A09E1B1-84FE-6BC1-6932-B03B15C8668C
.trueleadid.com/ Name: nlbi_3051494
Value: +iXUMh66XmtKDNL2C30iGwAAAACOHeExVvQueGX1mhV2h7vk
.trueleadid.com/ Name: visid_incap_3051494
Value: P51Btu7fRoeAgNe+Dz7sjAUp82YAAAAAQUIPAAAAAADqvrWHfitO9DO53B5hiCt0
.trueleadid.com/ Name: incap_ses_536_3051494
Value: CbAnd14bZym5IcKkO0FwBwUp82YAAAAAHyvBIK7ODJdrMDUxixrGSg==
.deviceid.trueleadid.com/ Name: uuid
Value: 2664642f7511481aaf4a5a3e4664ab5f

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
