elven11th.inofferswelove.com Open in urlscan Pro
2606:4700:3031::6818:66b1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capitalonecd360.com/
Effective URL:
https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Submission: On May 20 via api (May 20th 2020, 2:55:44 pm UTC) from US

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 13 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3031::6818:66b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is elven11th.inofferswelove.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 18th 2020. Valid for: 5 months.

This is the only time elven11th.inofferswelove.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.82.12.32 23.82.12.32	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	54.84.174.180 54.84.174.180	14618 (AMAZON-AES) (AMAZON-AES)
1 1	45.63.23.4 45.63.23.4	20473 (AS-CHOOPA) (AS-CHOOPA)
1 1	2606:4700:303... 2606:4700:3034::681b:96ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::681f:5a38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::681f:4bac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:303... 2606:4700:3031::6818:66b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::681f:582e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
32	8

1 23.82.12.32 (Washington, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

capitalonecd360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.174.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-174-180.compute-1.amazonaws.com

usd.khurshid-sus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.63.23.4 (Matawan, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 45.63.23.4.vultr.com

www.luckysoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681b:96ce (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pocketbikerss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681f:5a38 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prizeoffersforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681f:4bac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

feelingluckytoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3031::6818:66b1 (United States)

ASN13335 (CLOUDFLARENET, US)

elven11th.inofferswelove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::681f:582e (United States)

ASN13335 (CLOUDFLARENET, US)

api.mdsyzz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	inofferswelove.com elven11th.inofferswelove.com	699 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	mdsyzz.info api.mdsyzz.info	2 KB
2	khurshid-sus.com usd.khurshid-sus.com	3 KB
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	doubleclick.net stats.g.doubleclick.net	99 B
1	onesignal.com cdn.onesignal.com	3 KB
1	feelingluckytoday.com 1 redirects feelingluckytoday.com	805 B
1	prizeoffersforyou.com 1 redirects prizeoffersforyou.com	445 B
1	pocketbikerss.com 1 redirects www.pocketbikerss.com	565 B
1	luckysoff.com 1 redirects www.luckysoff.com	279 B
1	capitalonecd360.com 1 redirects capitalonecd360.com	459 B
32	13

	Domain	Requested by
23	elven11th.inofferswelove.com	usd.khurshid-sus.com elven11th.inofferswelove.com
2	www.google-analytics.com	1 redirects elven11th.inofferswelove.com
2	api.mdsyzz.info	elven11th.inofferswelove.com
2	usd.khurshid-sus.com	usd.khurshid-sus.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	elven11th.inofferswelove.com
1	stats.g.doubleclick.net	elven11th.inofferswelove.com
1	cdn.onesignal.com	elven11th.inofferswelove.com
1	feelingluckytoday.com	1 redirects
1	prizeoffersforyou.com	1 redirects
1	www.pocketbikerss.com	1 redirects
1	www.luckysoff.com	1 redirects
1	capitalonecd360.com	1 redirects
32	13

This site contains links to these domains. Also see Links.

Domain
signup839.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-05-18` - `2020-10-09`	5 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-06` - `2021-05-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Frame ID: AE3644D1DDDC1ED921E32F943EBE39D6
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://capitalonecd360.com/ HTTP 302
http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea... Page URL
http://usd.khurshid-sus.com/zcredirect?visitid=f0e2d71a-9aa9-11ea-abbf-1295c4e61119&type=js&browserWidth... Page URL
https://www.luckysoff.com/click.php?c=11&key=rc9v4c8vhq9fzqf4z1zdt48u HTTP 302
https://www.pocketbikerss.com/tracking/58e4cc95748466414c6e2840?src=5a53c9c01a59ae33d1d11b44&s1=&s2=&s3=&s... HTTP 302
https://prizeoffersforyou.com/?a=30&c=1376&s1=5a53c9c01a59ae33d1d11b44&s2=5ec544e0fcaa97528d34ecf1 HTTP 302
https://feelingluckytoday.com/?a=30&c=1376&s1=5a53c9c01a59ae33d1d11b44&s2=5ec544e0fcaa97528d34ecf1&ckmguid... HTTP 302
https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44 Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /scrollreveal(?:\.min)(?:\.js)/i

Page Statistics

32
Requests

94 %
HTTPS

62 %
IPv6

13
Domains

13
Subdomains

8
IPs

3
Countries

734 kB
Transfer

1053 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://signup839.net/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capitalonecd360.com/ HTTP 302
http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507 Page URL
http://usd.khurshid-sus.com/zcredirect?visitid=f0e2d71a-9aa9-11ea-abbf-1295c4e61119&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://www.luckysoff.com/click.php?c=11&key=rc9v4c8vhq9fzqf4z1zdt48u HTTP 302
https://www.pocketbikerss.com/tracking/58e4cc95748466414c6e2840?src=5a53c9c01a59ae33d1d11b44&s1=&s2=&s3=&s4=&s5=&k=5d78cd0dc5227f7013116d32 HTTP 302
https://prizeoffersforyou.com/?a=30&c=1376&s1=5a53c9c01a59ae33d1d11b44&s2=5ec544e0fcaa97528d34ecf1 HTTP 302
https://feelingluckytoday.com/?a=30&c=1376&s1=5a53c9c01a59ae33d1d11b44&s2=5ec544e0fcaa97528d34ecf1&ckmguid=2c887b68-fe2f-44c9-8047-6fee35319b63 HTTP 302
https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://capitalonecd360.com/ HTTP 302
http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1883664215&t=pageview&_s=1&dl=https%3A%2F%2Felven11th.inofferswelove.com%2Ffr%2F%3Fo%3D1376%26r%3Dyct147800864mpf1%26a%3D30%26sa%3D5a53c9c01a59ae33d1d11b44&dr=http%3A%2F%2Fusd.khurshid-sus.com%2Fzcredirect%3Fvisitid%3Df0e2d71a-9aa9-11ea-abbf-1295c4e61119%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=Apple%20iPhone%2011%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABB~&jid=1263603002&gjid=2131823239&cid=1895128880.1589986529&tid=UA-118120266-1&_gid=750096235.1589986529&_r=1&z=1240529025 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1895128880.1589986529&jid=1263603002&_gid=750096235.1589986529&gjid=2131823239&_v=j82&z=1240529025

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

f0e2d71a-9aa9-11ea-abbf-1295c4e61119 Show response
usd.khurshid-sus.com/zcvisitor/
Redirect Chain

http://capitalonecd360.com/
http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507

1010 B
2 KB

207ms
177ms

Document
text/html

54.84.174.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507

Protocol

HTTP/1.1

Server

54.84.174.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-174-180.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

3407adf853193b2244a771dcd46c27c4dd5d00dcc4e22c267424c0129a48364a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.khurshid-sus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 14:55:27 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 20 May 2020 14:55:26 GMT
location: http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507
server: nginx
set-cookie: sid=f0daf3c4-9aa9-11ea-b49f-250d04f85b36; path=/; domain=.capitalonecd360.com; expires=Mon, 07 Jun 2088 18:09:34 GMT; max-age=2147483647; HttpOnly

GET
H/1.1 200
OK zcredirect Show response
usd.khurshid-sus.com/ 320 B
1017 B 100ms
99ms Document
text/html 54.84.174.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usd.khurshid-sus.com/zcredirect?visitid=f0e2d71a-9aa9-11ea-abbf-1295c4e61119&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usd.khurshid-sus.com
URL: http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507

Protocol

HTTP/1.1

Server

54.84.174.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-174-180.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

5b91ea8c989cb241efefa0f9ac1ae88ab7050967d44eac887222964ebac207f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usd.khurshid-sus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://usd.khurshid-sus.com/zcvisitor/f0e2d71a-9aa9-11ea-abbf-1295c4e61119?campaignid=61ee36f0-76f8-11ea-a61f-0a06ea97c507

Response headers

Date: Wed, 20 May 2020 14:55:27 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2

200

Primary Request / Show response
elven11th.inofferswelove.com/fr/
Redirect Chain

https://www.luckysoff.com/click.php?c=11&key=rc9v4c8vhq9fzqf4z1zdt48u
https://www.pocketbikerss.com/tracking/58e4cc95748466414c6e2840?src=5a53c9c01a59ae33d1d11b44&s1=&s2=&s3=&s4=&s5=&k=5d78cd0dc5227f7013116d32
https://prizeoffersforyou.com/?a=30&c=1376&s1=5a53c9c01a59ae33d1d11b44&s2=5ec544e0fcaa97528d34ecf1
https://feelingluckytoday.com/?a=30&c=1376&s1=5a53c9c01a59ae33d1d11b44&s2=5ec544e0fcaa97528d34ecf1&ckmguid=2c887b68-fe2f-44c9-8047-6fee35319b63
https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44

28 KB
9 KB

118ms
80ms

Document
text/html

2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Requested by: Host: usd.khurshid-sus.com
URL: http://usd.khurshid-sus.com/zcredirect?visitid=f0e2d71a-9aa9-11ea-abbf-1295c4e61119&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4074684ca53e8ac03f6ce666d323f8c0ff5446f7ef677f9e8546b72ab97101ca

Request headers

:method: GET
:authority: elven11th.inofferswelove.com
:scheme: https
:path: /fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://usd.khurshid-sus.com/zcredirect?visitid=f0e2d71a-9aa9-11ea-abbf-1295c4e61119&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://usd.khurshid-sus.com/zcredirect?visitid=f0e2d71a-9aa9-11ea-abbf-1295c4e61119&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
date: Wed, 20 May 2020 14:55:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4aabfa1de67cb265b6a4b458d53ffb421589986528; expires=Fri, 19-Jun-20 14:55:28 GMT; path=/; domain=.inofferswelove.com; HttpOnly; SameSite=Lax; Secure PHPSESSID_MS=kgsee0es9n9gqu06oe7lgunrk3; expires=Fri, 22-May-2020 14:55:28 GMT; Max-Age=172800; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5966e61d3d5b07ae-FRA
content-encoding: br
cf-request-id: 02d42e2647000007ae44330200000001

Redirect headers

status: 302
date: Wed, 20 May 2020 14:55:28 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=decd34920fb3a7bae176c735e98f46fef1589986528; expires=Fri, 19-Jun-20 14:55:28 GMT; path=/; domain=.feelingluckytoday.com; HttpOnly; SameSite=Lax; Secure som=zEoG0NaE/uqU8/byei/p+C2mv4YAzw3dZmz4vqG0xF0KWS0XVZ5NnQ==; domain=.feelingluckytoday.com; path=/; HttpOnly tfl=kb0pn89KdglRgpYn/20PIy2mv4YAzw3dZmz4vqG0xF0KWS0XVZ5NnQ==; domain=.feelingluckytoday.com; expires=Tue, 20-May-2025 14:55:28 GMT; path=/; HttpOnly c1376=zEoG0NaE/uo1UrWi0vj8jrKZubG0ARMs4BQjY8VYk6MNEFczv+qrkw==; domain=.feelingluckytoday.com; expires=Fri, 19-Jun-2020 14:55:28 GMT; path=/; HttpOnly
cache-control: private
location: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5966e61c0e5005b3-FRA
cf-request-id: 02d42e2589000005b3861fb200000001

GET
H2 200 animate.css
elven11th.inofferswelove.com/css/ 73 KB
4 KB 24ms
20ms Stylesheet
text/css 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/css/animate.css
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-1252c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddfe407ae-FRA
cf-request-id: 02d42e26a9000007ae44338200000001

GET
H2 200 style.css
elven11th.inofferswelove.com/css/ 36 KB
7 KB 34ms
31ms Stylesheet
text/css 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/css/style.css
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c10ddeeb5a4f528bf5e0355bf0c5d3188193d095aba15e36f97c5a519bb416

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2019 08:07:41 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d78ab4d-91aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddfec07ae-FRA
cf-request-id: 02d42e26a9000007ae44339200000001

GET
H2 200 anime.min.js Show response
elven11th.inofferswelove.com/scripts/ 17 KB
7 KB 36ms
33ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/anime.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-431b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddff307ae-FRA
cf-request-id: 02d42e26a9000007ae4433b200000001

GET
H2 200 scrollreveal.min.js Show response
elven11th.inofferswelove.com/scripts/ 16 KB
5 KB 26ms
23ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/scrollreveal.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceab95742790be06ee7d6a387cf34e76db6987477e91aa0d9ed5246401477108

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-4008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddff607ae-FRA
cf-request-id: 02d42e26a9000007ae4433c200000001

GET
H2 200 jquery.3.3.1.min.js Show response
elven11th.inofferswelove.com/scripts/ 85 KB
29 KB 30ms
27ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/jquery.3.3.1.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddff907ae-FRA
cf-request-id: 02d42e26a9000007ae4433d200000001

GET
H2 200 main.js Show response
elven11th.inofferswelove.com/scripts/ 1 KB
287 B 25ms
22ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/main.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9723b86b4f82e2db0b27dd2c79275b07d3cf73e625ba24e709e17012357850b

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2019 08:07:41 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d78ab4d-5eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddffd07ae-FRA
cf-request-id: 02d42e26a9000007ae4433e200000001

GET
H2 200 jquery.qtip.min.css
elven11th.inofferswelove.com/css/ 9 KB
2 KB 21ms
18ms Stylesheet
text/css 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/css/jquery.qtip.min.css
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-2316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61ddfee07ae-FRA
cf-request-id: 02d42e26a9000007ae4433a200000001

GET
H2 200 parsley.js Show response
elven11th.inofferswelove.com/scripts/ 42 KB
12 KB 23ms
21ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/parsley.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5729bdce61355430757a6c83f442ecf833fb7b2267fe11d3eab62abdf590c72d

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-a85e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61dd80107ae-FRA
cf-request-id: 02d42e26a9000007ae4433f200000001

GET
H2 200 jquery.qtip.min.js Show response
elven11th.inofferswelove.com/scripts/ 43 KB
15 KB 26ms
24ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/jquery.qtip.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37641e80e90736df5a0739b512d6a6523008a51b3b9f84b8d144857e5895b693

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-ad17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61dd80307ae-FRA
cf-request-id: 02d42e26a9000007ae44340200000001

GET
H2 200 validate.js Show response
elven11th.inofferswelove.com/scripts/ 18 KB
4 KB 27ms
25ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/validate.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e43479b2a012152c7ebc8f9c6eed18255fe83d8afd5c2ca28d447682d342454

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Apr 2020 05:12:47 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5e8c0bcf-485d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61dd80507ae-FRA
cf-request-id: 02d42e26a9000007ae44341200000001

GET
H2 200 validate_error_messages.js Show response
elven11th.inofferswelove.com/fr/scripts/ 2 KB
953 B 24ms
22ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/fr/scripts/validate_error_messages.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48394794b5c4a4458605764cfac7db10487f6a2b56174f63fb072a1ce45d9928

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 3075
status: 200
etag: W/"5d7109f7-8c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61dd80707ae-FRA
cf-request-id: 02d42e26a9000007ae44342200000001

GET
H2 404 OneSignalSDKWorker.js
elven11th.inofferswelove.com/ 0
0 30ms
28ms Script
text/html 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/OneSignalSDKWorker.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: max-age=14400
cf-ray: 5966e61dd80a07ae-FRA
cf-request-id: 02d42e26a9000007ae44343200000001

GET
H2 404 OneSignalSDKUpdaterWorker.js
elven11th.inofferswelove.com/ 0
0 36ms
34ms Script
text/html 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/OneSignalSDKUpdaterWorker.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: max-age=14400
cf-ray: 5966e61dd80c07ae-FRA
cf-request-id: 02d42e26a9000007ae44344200000001

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 16ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1357113f7b28eb8a5e2da0fe0bca37f40fa0d5d25d9dafa4698d0ceb9c72d78

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 698
etag: W/"3f1c1174b1ee437acb796315c8259f0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5966e61ddea397a8-FRA
cf-request-id: 02d42e26a9000097a8592d3200000001
expires: Thu, 21 May 2020 02:55:28 GMT

GET
H2 200 auto-push.min.js Show response
api.mdsyzz.info/ 2 KB
1 KB 102ms
62ms Script
application/x-javascript 2606:4700:3032::681f:582e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdsyzz.info/auto-push.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6f33ce26a4bdaece7c1c98289ad21dbe60b540046f588711d3d8f3d89eff5401

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
content-encoding: br
status: 200
cf-cache-status: DYNAMIC
last-modified: Tue, 03 Mar 2020 19:01:31 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"eaf5f1268ef1d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 5966e61e1a2905d0-FRA
cf-request-id: 02d42e26cf000005d02999a200000001

GET
H2 200 badge_bg.png
elven11th.inofferswelove.com/fr/images/ 19 KB
19 KB 13ms
13ms Image
image/png 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elven11th.inofferswelove.com/fr/images/badge_bg.png
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de81a7fc0e9f458efde1fce19da26525b608efe332580e38bad4ec8d3e73e42

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 3075
etag: "5d7109f7-4ba1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5966e61e495007ae-FRA
content-length: 19361
cf-request-id: 02d42e26ef000007ae4434d200000001

GET
H2 200 front-and-back.png
elven11th.inofferswelove.com/images/ 117 KB
117 KB 12ms
11ms Image
image/png 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elven11th.inofferswelove.com/images/front-and-back.png
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0477a6ce5d432e2372b40c19c4c0a2a6f0a669746d77d4186472ffbbcb91d2b5

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2019 07:29:57 GMT
server: cloudflare
age: 5264
etag: "5d78a275-1d3cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5966e61e699d07ae-FRA
content-length: 119757
cf-request-id: 02d42e26fe000007ae44351200000001

GET
H2 200 front-and-back_black.png
elven11th.inofferswelove.com/images/ 109 KB
109 KB 12ms
12ms Image
image/png 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elven11th.inofferswelove.com/images/front-and-back_black.png
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be09d78c12fdb604d4fe5a8d78835eec834bf38fecfd9e9bae9cfc2593b0b32f

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2019 07:29:57 GMT
server: cloudflare
age: 5264
etag: "5d78a275-1b4ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5966e61e79e207ae-FRA
content-length: 111850
cf-request-id: 02d42e270b000007ae44356200000001

GET
H2 200 front-and-green.png
elven11th.inofferswelove.com/images/ 115 KB
116 KB 11ms
10ms Image
image/png 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elven11th.inofferswelove.com/images/front-and-green.png
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a74c28fe12f96e33877f85877dd54995524e007b62883b5ab483015fa8e1cd88

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2019 08:07:41 GMT
server: cloudflare
age: 5264
etag: "5d78ab4d-1cd49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5966e61e79f907ae-FRA
content-length: 118089
cf-request-id: 02d42e270f000007ae44358200000001

GET
H2 200 front-and-back_gold.png
elven11th.inofferswelove.com/images/ 127 KB
127 KB 15ms
14ms Image
image/png 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elven11th.inofferswelove.com/images/front-and-back_gold.png
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 451c71e676eea11fd696ae6e87a930ec08f00e7593879edfd7b192d628d92777

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2019 07:29:57 GMT
server: cloudflare
age: 5264
etag: "5d78a275-1fca1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5966e61e8a1907ae-FRA
content-length: 130209
cf-request-id: 02d42e2713000007ae4435a200000001

GET
H2 200 bottom.jpg
elven11th.inofferswelove.com/images/ 113 KB
114 KB 16ms
15ms Image
image/jpeg 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elven11th.inofferswelove.com/images/bottom.jpg
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c629bf7da930e0791a2e40505b1dd2a19447f02ca014b823eddd817966bbc2e

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
cf-cache-status: HIT
last-modified: Sat, 16 May 2020 07:31:10 GMT
server: cloudflare
age: 5264
etag: "5ebf96be-1c533"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5966e61e8a1d07ae-FRA
content-length: 116019
cf-request-id: 02d42e2713000007ae4435b200000001

GET
H2 200 main.min.js Show response
elven11th.inofferswelove.com/scripts/ 2 KB
638 B 11ms
10ms Script
application/javascript 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/scripts/main.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 901cbb6525b3545f826b220014f59bd438b38aca66fc5c5785bd2956642bf5fb

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2019 13:13:27 GMT
server: cloudflare
age: 5263
status: 200
etag: W/"5d7109f7-7ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 5966e61e18ae07ae-FRA
cf-request-id: 02d42e26ce000007ae44347200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 7150
date: Wed, 20 May 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 20 May 2020 14:56:19 GMT

GET
H2 404 OneSignalSDKWorker.js
elven11th.inofferswelove.com/ 0
0 11ms
10ms Script
text/html 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/OneSignalSDKWorker.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: max-age=14400
cf-ray: 5966e61e390f07ae-FRA
cf-request-id: 02d42e26e3000007ae44349200000001

GET
H2 404 OneSignalSDKUpdaterWorker.js
elven11th.inofferswelove.com/ 0
0 11ms
10ms Script
text/html 2606:4700:3031::6818:66b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elven11th.inofferswelove.com/OneSignalSDKUpdaterWorker.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:66b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 404
cache-control: max-age=14400
cf-ray: 5966e61e495407ae-FRA
cf-request-id: 02d42e26f0000007ae4434e200000001

GET
H2 200 d02cf1e5-3852-4ec9-b89b-257b8aba4c70 Show response
api.mdsyzz.info/rest/v1/p-apps/get-id/ 129 B
637 B 76ms
58ms XHR
text/plain 2606:4700:3032::681f:582e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdsyzz.info/rest/v1/p-apps/get-id/d02cf1e5-3852-4ec9-b89b-257b8aba4c70?url=https://elven11th.inofferswelove.com
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 96eb05d693bae87931d4abea8d8462295b7a075a592c3b23b927609bbe25f118

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
cf-request-id: 02d42e2723000006015491a200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 5966e61e9eda0601-FRA
expires: -1

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1883664215&t=pageview&_s=1&dl=https%3A%2F%2Felven11th.inofferswelove.com%2Ffr%2F%3Fo%3D1376%26r%3Dyct147800864mpf1%26a%3D30%26sa%3D5a53c9c01a...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1895128880.1589986529&jid=1263603002&_gid=750096235.1589986529&gjid=2131823239&_v=j82&z=1240529025

35 B
99 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1895128880.1589986529&jid=1263603002&_gid=750096235.1589986529&gjid=2131823239&_v=j82&z=1240529025

Requested by

Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 May 2020 14:55:29 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 May 2020 14:55:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1895128880.1589986529&jid=1263603002&_gid=750096235.1589986529&gjid=2131823239&_v=j82&z=1240529025
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 29ms
29ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: elven11th.inofferswelove.com
URL: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 14:55:29 GMT
content-encoding: gzip
x-amz-request-id: 68816943BBA2D410
x-cache: HIT
status: 200
content-length: 9086
x-amz-id-2: wRJfj0Hu6v+esK4f/HJcCZfjZsTcuKTEFoHNgvW9qtEHQz0XaIKZuRplqz4KTFq0hJvgmtQvySs=
x-served-by: cache-fra19160-FRA
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1589986529.245604,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 139

GET
H/1.1 200
OK d4db62af92 Show response
bam.nr-data.net/1/ 57 B
275 B 113ms
113ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1717&ref=https://elven11th.inofferswelove.com/fr/&be=1439&fe=1681&dc=1596&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1589986527552,%22n%22:0,%22f%22:1247,%22dn%22:1247,%22dne%22:1269,%22c%22:1269,%22s%22:1275,%22ce%22:1285,%22rq%22:1285,%22rp%22:1365,%22rpe%22:1366,%22dl%22:1374,%22di%22:1595,%22ds%22:1595,%22de%22:1595,%22dc%22:1680,%22l%22:1680,%22le%22:1681%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://elven11th.inofferswelove.com/fr/?o=1376&r=yct147800864mpf1&a=30&sa=5a53c9c01a59ae33d1d11b44
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.inofferswelove.com/	1970-01-19 09:39:46	Name: _gat Value: 1
.inofferswelove.com/	1970-01-20 03:10:58	Name: _ga Value: GA1.2.1895128880.1589986529
.inofferswelove.com/	1970-01-19 09:41:12	Name: _gid Value: GA1.2.750096235.1589986529
elven11th.inofferswelove.com/	1970-01-19 09:42:39	Name: PHPSESSID_MS Value: kgsee0es9n9gqu06oe7lgunrk3
.inofferswelove.com/	1970-01-19 10:22:58	Name: __cfduid Value: d4aabfa1de67cb265b6a4b458d53ffb421589986528

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mdsyzz.info
bam.nr-data.net
capitalonecd360.com
cdn.onesignal.com
elven11th.inofferswelove.com
feelingluckytoday.com
js-agent.newrelic.com
prizeoffersforyou.com
stats.g.doubleclick.net
usd.khurshid-sus.com
www.google-analytics.com
www.luckysoff.com
www.pocketbikerss.com
151.101.14.110
162.247.242.21
23.82.12.32
2606:4700:3031::6818:66b1
2606:4700:3031::681f:5a38
2606:4700:3032::681f:582e
2606:4700:3034::681b:96ce
2606:4700:3034::681f:4bac
2606:4700::6812:e134
2a00:1450:4001:81b::200e
2a00:1450:400c:c00::9a
45.63.23.4
54.84.174.180
0477a6ce5d432e2372b40c19c4c0a2a6f0a669746d77d4186472ffbbcb91d2b5
0e43479b2a012152c7ebc8f9c6eed18255fe83d8afd5c2ca28d447682d342454
1c629bf7da930e0791a2e40505b1dd2a19447f02ca014b823eddd817966bbc2e
26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3407adf853193b2244a771dcd46c27c4dd5d00dcc4e22c267424c0129a48364a
37641e80e90736df5a0739b512d6a6523008a51b3b9f84b8d144857e5895b693
3de81a7fc0e9f458efde1fce19da26525b608efe332580e38bad4ec8d3e73e42
4074684ca53e8ac03f6ce666d323f8c0ff5446f7ef677f9e8546b72ab97101ca
451c71e676eea11fd696ae6e87a930ec08f00e7593879edfd7b192d628d92777
48394794b5c4a4458605764cfac7db10487f6a2b56174f63fb072a1ce45d9928
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5729bdce61355430757a6c83f442ecf833fb7b2267fe11d3eab62abdf590c72d
5b91ea8c989cb241efefa0f9ac1ae88ab7050967d44eac887222964ebac207f7
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6f33ce26a4bdaece7c1c98289ad21dbe60b540046f588711d3d8f3d89eff5401
75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5
78c10ddeeb5a4f528bf5e0355bf0c5d3188193d095aba15e36f97c5a519bb416
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
901cbb6525b3545f826b220014f59bd438b38aca66fc5c5785bd2956642bf5fb
96eb05d693bae87931d4abea8d8462295b7a075a592c3b23b927609bbe25f118
a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd
a74c28fe12f96e33877f85877dd54995524e007b62883b5ab483015fa8e1cd88
b1357113f7b28eb8a5e2da0fe0bca37f40fa0d5d25d9dafa4698d0ceb9c72d78
b9723b86b4f82e2db0b27dd2c79275b07d3cf73e625ba24e709e17012357850b
be09d78c12fdb604d4fe5a8d78835eec834bf38fecfd9e9bae9cfc2593b0b32f
ceab95742790be06ee7d6a387cf34e76db6987477e91aa0d9ed5246401477108
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

elven11th.inofferswelove.com Open in urlscan Pro 2606:4700:3031::6818:66b1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

94 %HTTPS

62 %IPv6

13 Domains

13 Subdomains

8 IPs

3 Countries

734 kBTransfer

1053 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elven11th.inofferswelove.com Open in urlscan Pro
2606:4700:3031::6818:66b1 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

94 %
HTTPS

62 %
IPv6

13
Domains

13
Subdomains

8
IPs

3
Countries

734 kB
Transfer

1053 kB
Size

5
Cookies

32 HTTP transactions
0 data transactions