Submitted URL: http://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52...
Effective URL: https://win.click2win4life.com/api/offer
Submission: On April 07 via api from US — Scanned from US

Summary

This website contacted 30 IPs in 2 countries across 24 domains to perform 68 HTTP transactions. The main IP is 172.67.206.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is win.click2win4life.com. The Cisco Umbrella rank of the primary domain is 544699.
TLS certificate: Issued by E1 on February 26th 2024. Valid for: 3 months.
This is the only time win.click2win4life.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
content.click2win4life.com
click2win4life.com

Subject | Issuer | Validity | Valid
qckrtr.com | Amazon RSA 2048 M03 | 2024-01-21 - 2025-02-18 | a year
click2win4life.com | E1 | 2024-02-26 - 2024-05-26 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
trk-keingent.com | GTS CA 1P5 | 2024-03-28 - 2024-06-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2024-04-07 - 2024-06-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-16 - 2024-04-15 | 3 months
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-23 - 2024-11-22 | a year
*.rfihub.net | Amazon RSA 2048 M03 | 2023-10-31 - 2024-11-28 | a year
*.rfihub.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-27 - 2024-04-27 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months
cylog.io | Amazon RSA 2048 M02 | 2023-05-22 - 2024-06-18 | a year

This page contains 4 frames:

Primary Page: https://win.click2win4life.com/api/offer
Frame ID: 11EC83B5AC19DEB41BD3EA8FA5F27BD1
Requests: 61 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=8jmuapmielis
Frame ID: ED8EA82E1ACEF1F70DC1C7B6A76A4168
Requests: 1 HTTP requests in this frame

Frame: https://20759045p.rfihub.com/ca.html?ver=9&rb=29330&ca=20759045&_o=29330&_t=20759045&pe=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&pf=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&ra=30302281368069117
Frame ID: F4C1F9962186BC0BE5D9BB74A943BC00
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Frame ID: FAB0971FDFF9D0DBA0AB69732B53E34B
Requests: 1 HTTP requests in this frame

Page Title

Click 2 Win 4 Life!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 68
HTTPS: 99 %
IPv6: 42 %
Domains: 24
Subdomains: 32
IPs: 30
Countries: 2
Transfer: 1103 kB
Size: 3062 kB
Cookies: 59

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52s1x2w&crpx=wtul040665857 HTTP 307
    https://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52s1x2w&crpx=wtul040665857 HTTP 302
    https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511 Page URL
  2. https://smd4.com/ep.php/wif1a:80739/1000:RTEUS?EX1=&EX7=69511&crpx=ufQs040776307 HTTP 302
    https://go.whatifoffers.com/4Z3KW8Z/51GJL6/?sub1=69511&sub3=blf1000.47875-16909.RTEUS&sub5= HTTP 302
    https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age= Page URL
  3. https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age= HTTP 302
    https://win.click2win4life.com/api/offer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52s1x2w&crpx=wtul040665857 HTTP 307
  • https://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52s1x2w&crpx=wtul040665857 HTTP 302
  • https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
Request Chain 1
  • https://smd4.com/ep.php/wif1a:80739/1000:RTEUS?EX1=&EX7=69511&crpx=ufQs040776307 HTTP 302
  • https://go.whatifoffers.com/4Z3KW8Z/51GJL6/?sub1=69511&sub3=blf1000.47875-16909.RTEUS&sub5= HTTP 302
  • https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
Request Chain 57
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4E5BEC1F6B1D4941B71BF599F365E5BD&RedC=c.clarity.ms&MXFR=05685DACADCA62FB19F949F6A9CA6C8C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E5BEC1F6B1D4941B71BF599F365E5BD&MUID=3AC5B3BDCB24660D3956A7E7CA3867FE

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
cr.php
qckrtr.com/
Redirect Chain
  • http://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52s1x2w&crpx=wtul040665857
  • https://hottrk.com/ep.php/jk-prmagms:78481/69511:5545_.102b86265ea5cce2bc9c92b8c9c10a?ex1=a*****%40a***.org&ex2=z52s1x2w&crpx=wtul040665857
  • https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
423 B
604 B
Document
General
Full URL
https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.115.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-115-214.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
date
Sun, 07 Apr 2024 21:11:47 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 07 Apr 2024 21:11:46 GMT
location
https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
server
Apache
user
win.click2win4life.com/api/
Redirect Chain
  • https://smd4.com/ep.php/wif1a:80739/1000:RTEUS?EX1=&EX7=69511&crpx=ufQs040776307
  • https://go.whatifoffers.com/4Z3KW8Z/51GJL6/?sub1=69511&sub3=blf1000.47875-16909.RTEUS&sub5=
  • https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_o...
828 B
1 KB
Document
General
Full URL
https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b2e5ba063800ccba9b7553ed689877742fc57e0be2ed13499d75fe49afddeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
870d031f196f5c67-MIA
content-encoding
br
content-type
text/html
date
Sun, 07 Apr 2024 21:11:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBJkuTbfQAkrbttUTfv1TMs2syTqt00DEp%2BL5Y9JFfR0a0ib1XMz7ORtiVZpLSMvpDYDzXLfA2qr3pQCxeNhf9s8ZmMNmDzPEs9qtfpvd1uSFZAVYWtirdkeF4dmSyELK3NnQAl4fmgf"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
content-type
text/html; charset=utf-8
date
Sun, 07 Apr 2024 21:11:48 GMT
location
https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
2bd2eed6-304c-494d-8d84-59214b7d8034
Primary Request offer
win.click2win4life.com/api/
Redirect Chain
  • https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_o...
  • https://win.click2win4life.com/api/offer
32 KB
9 KB
Document
General
Full URL
https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f7988a2d2146e87f61b8112d18b515cebf5cec8db89d44e13787d313f8e3f14

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://win.click2win4life.com
Referer
https://win.click2win4life.com/api/user?site_id=43&LPGID=216&email=&aff_name=Oceanic+Media+Buyers%2C+Inc.&aff_id=2447&aff_sub=69511&aff_sub2=&ha_transaction_id=66dd1a6028b2440d8abc6eb1384fdf58&ha_offer_id=81&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
870d03217d215c67-MIA
content-encoding
br
content-type
text/html
date
Sun, 07 Apr 2024 21:11:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlyPo3%2Ft8gF661yoqj0N6V5xAp1VHZvyKLy7VdKZpVCgGm8yUtASvbPKFNjU%2FEPVfpu8GhUDC86rJmUomDLbAvtW8w9c6K0hTo1yfwu6ETASUfasRq9latvL6QrOnf3kfX2tjB21UEcd"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
870d03207b8d5c67-MIA
content-length
0
date
Sun, 07 Apr 2024 21:11:48 GMT
location
https://win.click2win4life.com/api/offer
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJhMVvNlsZXFpuVCgMFreWbzIFpY7XnJWlOYtjwG99HGlDtyXR7M6uw5YAxSddX0OneCJ393YVSeXF7vMy88LJpgZHegFliKXv6Hg7y%2BRpo7pTyaHS%2BpG%2FV9W3vT1Im7%2Fer4xV%2BEtFQe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;500&family=Roboto:wght@400;500;700&display=swap
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99da250fb4c5d727c5014b53fbde6aa9f3ce2125d62cc6b10c83f69df30e5f5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Apr 2024 21:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Apr 2024 21:11:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Apr 2024 21:11:49 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.0/css/
156 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.0/css/bootstrap.min.css
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2909c3fc03c4c6b40108470d87ee304c156f8247331f61e230f85ef1ea5735
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
258217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17430
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-26e4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxwIN8ihXil8TCThQkjX550vffVmXucwm3Bk7GP1oUVw%2FFixRtlrCsqnauk%2Flf6NUSoGk5T0tdmjGINA0ezRj187xXoYrtCNYC9ruqk2N4Z5whmo0F7kluXFt6mSqWc8P5K4g8C2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
870d0322aeb8746f-MIA
expires
Fri, 28 Mar 2025 21:11:48 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 20:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 20:15:59 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/
233 KB
63 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
393221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 07:58:08 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/
34 KB
8 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
393223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 07:58:06 GMT
jquery.validate.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/
49 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be18bc4f0ddf05cf8bf13e96bf167fae6741d00c01a950edc5cf2b90afd5ba17
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
258201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11611
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c5e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYjTybiAOVFtWSIAd2BkaWSZ8ifz2wxzM0oUFGQTCTQjJ7Orh%2F8hMJEy0IhJKhTH5dnbUsAWiBiF2B5zOUoqL3dYox0brTJ8HkEWuPFI1mR%2FqSplhHP%2BDhleHsrX6FCWUpcnAuBE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
870d0322aeb5746f-MIA
expires
Fri, 28 Mar 2025 21:11:48 GMT
extend.js
d3v7hbq4afry8x.cloudfront.net/js/
555 B
934 B
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/extend.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48ff4d35619e8050868c59b2bc61dc421e0d9659feea95aa5a88f5e0d8eb401f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 10:41:54 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
37796
etag
"d36acdb39830efeba0870ae5dbc52444"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
555
x-amz-cf-id
JZqy_AKW65SUIMhmaqYa_TqrI2bikAxQz_btM_xmSxZxMeNxQY5HZA==
x-amz-meta-s3b-last-modified
20170303T184138Z
moment.js
d3v7hbq4afry8x.cloudfront.net/js/
139 KB
30 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/moment.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8080393095c82a2c9d58a8ccd7ba45356ba6dd4aef7e59f8657b28a5acb9ded

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 17:07:12 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
14677
etag
W/"9f9f17b1ad6cbf5a6ba1e14a67c16a53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-cf-id
3qz3Zk5EfHsuGJjwgVzhZMl8AUhx545VNxgtHmVqiQDsrtOKiFuGJg==
x-amz-meta-s3b-last-modified
20170303T184137Z

BrowserDetect.js
d3v7hbq4afry8x.cloudfront.net/js/
4 KB
2 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/BrowserDetect.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f02da6857982077377db2a8e8556871fc2d529af01fc63de0b95d2871d1d9ab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 11:26:37 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35113
etag
W/"ec2998a1fb25db329f5052cc6e7d52d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Cp4IhGILZZBZnj1BrKuIAvSfNulwVpT5H8LoSzcFvrUHISgBiVKJDw==
x-amz-meta-s3b-last-modified
20170303T184139Z

RegPath-v3.0.js
d3v7hbq4afry8x.cloudfront.net/js/
26 KB
6 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/RegPath-v3.0.js?rev=508
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b271493e02f812925465289a842f6fc816f0217854b480a2d6b5890747c17b0f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 11:27:10 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 12:42:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35080
etag
W/"96fabdd68a0a8491699e891eb57e59e8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
nRMa0PLHbiOfFX3lafwbBBlBTDdsPHTDzt54V-UAHy_R2zxylcV8AA==

RegPath.Pixel.js
d3v7hbq4afry8x.cloudfront.net/js/
2 KB
1016 B
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/RegPath.Pixel.js?rev=201704101403
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27936a751999f3f01d190358eb3a2ef797363d02db18ad953926a21a0f3b5a8c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 11:26:37 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Apr 2022 16:09:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35113
etag
W/"4a14569c51e06c85ff11e1ecc9cc94f9"
vary
Accept-Encoding
x-amz-meta-sha256
27936a751999f3f01d190358eb3a2ef797363d02db18ad953926a21a0f3b5a8c
content-type
application/javascript
x-cache
Hit from cloudfront
x-amz-cf-id
3Epmc4enQTPP2loT-aH1Rltsyk7uVHi5fBofRK4cR15OGeXhptxULw==
x-amz-meta-s3b-last-modified
20220426T160939Z

jquery.cookie.min.js
d3v7hbq4afry8x.cloudfront.net/js/
1 KB
1 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/jquery.cookie.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c63e33c4b366a32852b7b7dc6d1219ab968322cd4984c57c37e2ad2e8c0f40a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 10:41:54 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 18:45:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
37796
etag
W/"8b099a68e388ea56b90df9abf7b71466"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-iUOd2MVbD9rJdW3_7rBEQc6qHFyuoaBSRuT_sLAuO7-Z0SlruT3gA==
x-amz-meta-s3b-last-modified
20170303T184137Z

RegPath.Functions.js
d3v7hbq4afry8x.cloudfront.net/js/
18 KB
4 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/RegPath.Functions.js?rev=20190131
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9f929ab4efbdc16890f6b6b7e966d49d2004d2bfb2ab26c3d1d93ac0bb4db0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 11:26:37 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Thu, 30 May 2019 19:08:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35113
etag
W/"84d6e60deef28fbe203c67622a90c769"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
evgfllHz8TuovxsSpKjETA22iRf17Bk8WLefgObQRLlHl8K_t1PwRQ==
x-amz-meta-s3b-last-modified
20190530T190844Z

jquery.mask.min.js
d3v7hbq4afry8x.cloudfront.net/js/
9 KB
4 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/jquery.mask.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a1865a0591bbdc6fb8464f7c1dcf6406dab9e64988c7d5fb33c95c31738716b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 11:26:37 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2017 11:48:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35113
etag
W/"6a4c6cafe964acba8d9414f00553e62a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lCUrIHq8GKHhvd8hddYqUxAw05Jn7mLb2i-FkyDV0XW5GzNUqYT5Ng==
x-amz-meta-s3b-last-modified
20170216T125457Z

api.js
www.google.com/recaptcha/
1 KB
856 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f4.1e100.net
Software
GSE /
Resource Hash
a58ff2de4d6a14e055a553e83a4e67aea6aaf589a57364305eec36105cce9ef3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 07 Apr 2024 21:11:49 GMT

bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
14 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
Origin
https://win.click2win4life.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
974
age
3472498
cdn-cachedat
09/03/2022 05:37:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cad646ed5b1a171f14c869fa74e18582
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
870d0322fb168d9c-MIA
cdn-requestpullsuccess
True

c2w_ani_logo.gif
whatif-assets-cdn.s3.amazonaws.com/images/c2w/
204 KB
204 KB
Image
General
Full URL
https://whatif-assets-cdn.s3.amazonaws.com/images/c2w/c2w_ani_logo.gif
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.163.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
294de811b09282b78945dcf5ef810d60f32795e61da9781c22d7162d92904af3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 07 Apr 2024 21:11:50 GMT
Last-Modified
Tue, 20 Jul 2021 19:15:28 GMT
Server
AmazonS3
x-amz-request-id
6GW857BP8P15Q6WT
ETag
"dd37701b2e07b044ce399a0cb8036d77"
Content-Type
image/gif
x-amz-storage-class
INTELLIGENT_TIERING
Accept-Ranges
bytes
Content-Length
208545
x-amz-id-2
DWGOc3BahAOG3rQL1qcheELICXNg0HR/OvfvjitMoRIwz6R5XylCm/vZE0wLVlE1Cpbf7sAW+5w=

numberpicker.css
d3v7hbq4afry8x.cloudfront.net/css/c2w/
12 KB
3 KB
Stylesheet
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/css/c2w/numberpicker.css?rev=0017
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5380c18aca8e3719187a17910034e7b6baaed15f02729cc9f1896498c3805295

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:11:01 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 17:39:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
28849
x-amz-server-side-encryption
AES256
etag
W/"6c11c396cf7d827c74899e2a85b1ad60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
jSZVHO0zWJyvcPWRJ4wqWiwm0_n0-BobNkLDe74GN_J99YqomK4UvA==

elastic-apm-rum.umd.min.js
d3v7hbq4afry8x.cloudfront.net/js/
56 KB
19 KB
Script
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 10:42:08 GMT
content-encoding
gzip
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 17:22:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
37782
etag
W/"499a90f20515ce3b24663e9cf790a374"
vary
Accept-Encoding
x-amz-meta-sha256
c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e
content-type
application/javascript
x-cache
Hit from cloudfront
x-amz-cf-id
UdqLwlI154y8rYTJVbTbJrrnlRvVpPKOzLePJSXtjfTDR0I1JNgLwQ==
x-amz-meta-s3b-last-modified
20210210T172039Z

gtm.js
www.googletagmanager.com/
273 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc058744d2a3dfec45d82eb9109be05b5afe86b501ff3ffb4164197f5dc46709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Apr 2024 21:11:49 GMT

w6g0k83e9m
trk-keingent.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-keingent.com/scripts/push/script/w6g0k83e9m?url=win.click2win4life.com&alturl=/api/offer
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ed6c7fd6b257bb60d242642599998eba9ab3245923aab0dc130847e2171294
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:49 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 07 Apr 2024 21:11:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEkA1Knri7mfC9T0ZfhCP8acbmR463Kq%2FBA8cf0T11DbBIgOvbcDbZNX635cCbQrwQZ9kALYm3CVvT6L5Snm4X2G1vdzv0pIsTdpnFK4zQLeqkyj3Fhhmo9aE%2FSym2O%2F%2BdWMzi6%2FpYCKlKmD0k4%2F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
870d0325cfb86dd1-MIA
expires
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Apr 2024 19:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4800
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Apr 2024 21:51:49 GMT

recaptcha__en.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/
499 KB
199 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
Origin
https://win.click2win4life.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 17:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203369
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Apr 2025 17:55:38 GMT

collect
www.google-analytics.com/j/
16 B
227 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1370206015&t=pageview&_s=1&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&ul=en-us&de=UTF-8&dt=Click%202%20Win%204%20Life!&sd=24-bit&sr=800x600&vp=1600x1113&je=0&cn=MetaLanding&cs=2447&cm=NA&ck=NA&cc=NA&_u=YEBAAEABAAAAACAAI~&jid=1169398702&gjid=840608076&cid=256552912.1712524310&tid=UA-104092376-1&_gid=1091515023.1712524310&_r=1&_slc=1&cd2=11404726&cd1=33c6ef0a95de71daecbacac8cdee1ffd&z=171459796
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bfc092ad4114d6a34ad066bbeadde46d16deb79ac5f91fc8470eca6b7deb67b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT

57dkkvk4dw
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 07 Apr 2024 21:11:49 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAQkAF4gpUB6%2F9xof2fjb4jgrREWVmmxtkKfOoFkVsL13beaBEiB%2F1JNuA5aK7gxvirWWg5ZyxRbS%2FJMKwbYF%2FUzkL8hLjBanGTpbJyYREw0ipsD166HW%2BesZe38NcJB5Cqh18LOihfE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
870d0328fbaa67cc-MIA
x-pushplatformapp-params
57dkkvk4dw
event.trk-keingent.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
870d03287b0b67cc-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Sun, 07 Apr 2024 21:11:49 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2BtItCDhCWyoHiqIKfyfA94e7dfp%2B4%2B8c3UBavVYvSMGT8YdSdp2bUt2CSwk7DyaYJW%2Blu74X3JGaZJurDuuqRdgakeLlDq4HnwLDnwdNc1QSVfZV78r7nh%2BIDlw24%2BIW2CAwGy0ilw0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

collect
stats.g.doubleclick.net/j/
2 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-104092376-1&cid=256552912.1712524310&jid=1169398702&gjid=840608076&_gid=1091515023.1712524310&_u=YEBAAEAAAAAAACAAI~&z=955324318
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 07 Apr 2024 21:11:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

js
www.googletagmanager.com/gtag/
296 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9046d576c412184b59125d9b9b83dd42bb583ca1db8979d94c3e74b71adc1f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100262
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Apr 2024 21:11:49 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 07 Apr 2024 21:11:49 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0BDF77DBAE684D309FCD1260CFCF8740 Ref B: MIAEDGE2510 Ref C: 2024-04-07T21:11:49Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Apr 2024 21:11:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57928
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=67, rtx=0, c=12, mss=1294, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
yg0Y9yhRorEntbkIv85vWy8C5RFZFIi1cYKz0PxkNWXZxK+pnDQiWoMLUr34UzDE+swPPtHGxWX472rrtwZ8OA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1525342/
69 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1525342/tfa.js
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30712e6e7e7e97461a35536bbfb4d9d387755c61a410df5ae8fcd9e7a2c92586

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
k7UybRAslmjfvIMAarghhgvWLuTqBR9x
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Apr 2024 21:11:49 GMT
x-amz-request-id
NQMAFESH17B8KMWX
age
95
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
21513
x-amz-id-2
cB5wPhZCE6LOjWOBZbV/PnmzSBVHQOEhQ9hyr80cckjrH4zwns4TC99LaHU1g5IdEFMY3L3KGK0=
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Sun, 07 Apr 2024 11:55:26 GMT
server
AmazonS3
x-timer
S1712524310.877475,VS0,VE1
etag
"4f23068ee8c52ad4a57dd7733594592f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
30
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: qckrtr.com
URL: https://qckrtr.com/cr.php?cid=1150&EML=&meta&EX7=69511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:7800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:10:26 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Sun, 07 Apr 2024 21:10:16 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
JFK50-P4
age
84
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
-oVvvpRGvRSYXAa1JBjjf2A3vgsg5FjcOQFIPnQnM3XUDWyY9z2Gbg==
expires
Sun, 07 Apr 2024 22:10:26 GMT
js
www.googletagmanager.com/gtag/
317 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N3S3KMLTMB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57b99ba1209d474870b7af49f1d783ce5192fa15198e3a901d53859c485dd9bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106391
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Apr 2024 21:11:49 GMT
json
trc.taboola.com/1525342/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1525342/trc/3/json?tim=1712524309949&data=%7B%22id%22%3A123%2C%22ii%22%3A%22%2Fapi%2Foffer%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1712524309910%2C%22cv%22%3A%2220240407-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer%3F%22%2C%22e%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dwhatifholdingsllc-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1712524309935%2C%22ref%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D%22%2C%22item-url%22%3A%22https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1525342/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81d887bbee163d3a025dd61fb7c45e4ad5a789738c1d5f42b481a792abe713d3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
41
date
Sun, 07 Apr 2024 21:11:50 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
30189
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760020-MIA
x-log-content-encoding
gzip
server
nginx
x-timer
S1712524310.996583,VS0,VE41
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-104092376-1&cid=256552912.1712524310&jid=1169398702&_u=YEBAAEAAAAAAACAAI~&z=1060395627
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
283006946.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/283006946.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
401a27a0d77d23a54474f83f162b77ae0267038cbde300820577ecc1989412af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sun, 07 Apr 2024 21:11:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 17EB0257DB85497CAAC549E30D55D33F Ref B: MIAEDGE2510 Ref C: 2024-04-07T21:11:50Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/
0
360 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=283006946&tm=gtm002&Ver=2&mid=e5c2b80d-b61c-434e-9cc3-19317fa2bcba&sid=733027e0f52311eea6ab1f231095bc17&vid=73341da0f52311ee9ef5d119bcfbf417&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Click%202%20Win%204%20Life!&p=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&r=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&lt=870&evt=pageLoad&sv=1&rn=853093
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 07 Apr 2024 21:11:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5FA395BF18224B8587D45DB2C5BCED65 Ref B: MIAEDGE2510 Ref C: 2024-04-07T21:11:50Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame ED8E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=8jmuapmielis
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sJiI_JEysCkL29fgvUS_MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.click2win4life.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sJiI_JEysCkL29fgvUS_MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Apr 2024 21:11:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
analytics.google.com/g/
0
250 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TSC3CVVXJJ&gtm=45je4430v897480540z876106557za200&_p=1712524308869&gcd=13l3l3l3l1&npa=0&dma=0&cid=256552912.1712524310&ecid=1238411081&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712524310&sct=1&seg=0&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dr=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&dt=Click%202%20Win%204%20Life!&en=emailLandingView&_et=3&tfd=1751
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TSC3CVVXJJ&gtm=45je4430v897480540z876106557za200&_p=1712524308869&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=256552912.1712524310&ecid=1238411081&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_s=2&sid=1712524310&sct=1&seg=0&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dr=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&dt=Click%202%20Win%204%20Life!&en=page_view&_fv=1&_ss=1&tfd=1752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TSC3CVVXJJ&cid=256552912.1712524310&gtm=45je4430v897480540z876106557za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N3S3KMLTMB&gtm=45je4430v897481038za200&_p=1712524308869&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=800x600&cid=256552912.1712524310&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dt=Click%202%20Win%204%20Life!&cn=MetaLanding&cs=2447&cm=NA&ck=NA&cc=NA&sid=1712524310&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=11404726&ep.ua_dimension_1=33c6ef0a95de71daecbacac8cdee1ffd&tfd=1924
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3S3KMLTMB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N3S3KMLTMB&cid=256552912.1712524310&gtm=45je4430v897481038za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3S3KMLTMB&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca.html
20759045p.rfihub.com/ Frame F4C1
0
0
Document
General
Full URL
https://20759045p.rfihub.com/ca.html?ver=9&rb=29330&ca=20759045&_o=29330&_t=20759045&pe=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&pf=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&ra=30302281368069117
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer
https://win.click2win4life.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache
Content-Length
5159
Content-Type
text/html;charset=utf-8
Date
Sun, 07 Apr 2024 21:11:50 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
283006946
www.clarity.ms/tag/uet/
880 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/283006946
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/283006946.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00e31874e8895f7ca40422eac899adef99b2e5d5d4a6767019261ec3822b5990

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sun, 07 Apr 2024 21:11:50 GMT
x-azure-ref
20240407T211150Z-178b9d4b695s4n8x32unggey2g000000085000000000h3k2
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
880
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
1152826321572698
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1152826321572698?v=2.9.152&r=stable&domain=win.click2win4life.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dae0543be8c1f5cf2d38faa28b354e991c8fbde695ddcf0d559cdb036e89e11b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Apr 2024 21:11:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11749
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=66, rtx=0, c=64, mss=1294, tbw=63165, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
0TVDPFsNESMkAwJHLgl705hKyz9ecvpv4P5xmOdbgtbCZ2SYDl+wdUCUBMLS/e7/iQ4waNRY0a8UZx8wR5n26Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
262452210906160
connect.facebook.net/signals/config/
20 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/262452210906160?v=2.9.152&r=stable&domain=win.click2win4life.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
ee3be12b8f67454da3be2dbc5b3bf3944895c63f7ee50f32dc4051e876c83be6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Apr 2024 21:11:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2720
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=23, mss=1232, tbw=4333, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
LSlVIPa0cOHbuchUxYB2WKWJSU09oB3RrXgfB/fcp3geNiAPgO0dYCRd5gsdrYBTYfjmdwTEbwwUGKtOiJ+zdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
269 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1152826321572698&ev=PageView&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&rl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&if=false&ts=1712524310679&sw=800&sh=600&v=2.9.152&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712524310675.1430342944&cdl=API_unavailable&it=1712524310571&coo=false&rqm=GET
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1294, tbw=2812, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Apr 2024 21:11:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/s/0.7.26/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.26/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/283006946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 21:11:50 GMT
content-encoding
br
last-modified
Mon, 01 Apr 2024 13:40:06 GMT
etag
W/"0x8DC52513DD96806"
vary
Accept-Encoding
x-azure-ref
20240407T211150Z-178b9d4b695s4n8x32unggey2g000000085000000000h3k5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5cd56cdc-e01e-003c-68c9-86071c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
/
www.facebook.com/tr/
0
98 B
Image
General
Full URL
https://www.facebook.com/tr/?id=262452210906160&ev=PageView&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&rl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&if=false&ts=1712524310754&sw=800&sh=600&v=2.9.152&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712524310675.1430342944&cdl=API_unavailable&it=1712524310571&coo=false&rqm=GET
Requested by
Host: win.click2win4life.com
URL: https://win.click2win4life.com/api/offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1294, tbw=2812, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Apr 2024 21:11:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
f.clarity.ms/
0
302 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://win.click2win4life.com
Date
Sun, 07 Apr 2024 21:11:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
bframe
www.google.com/recaptcha/api2/ Frame FAB0
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f7iH0jlgCoBjnuAp-vLQRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.click2win4life.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-f7iH0jlgCoBjnuAp-vLQRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Apr 2024 21:11:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
57dkkvk4dw
event.trk-keingent.com/register/event_log/ Frame
0
0
Preflight
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
870d03343f6c67cc-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Sun, 07 Apr 2024 21:11:51 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9Q%2FxXHqLNMxd23vqMK6aawUKGL1dQ7wg%2FE6OS04%2BVqSQmzpOyAxGhmu1qzbqaZQ%2Fc7%2FJlIeJEKukHRjx%2FUfqraLZcJmCWOxpKdSaHKCbO9Npa2%2BpHjs9CG1Kpaji%2BNEwO8EwRcsqWAj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
57dkkvk4dw
event.trk-keingent.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-keingent.com/register/event_log/57dkkvk4dw
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.38 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 07 Apr 2024 21:11:51 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJCTTVJGcyEpKC3JWWdsPFE6xJMeF9rRlAeKQpD%2FaUjWEuA4D3lqiNjbGHwbPIQ3hRZYjbVLooL%2BTwXs5kD%2Bf7auRRLdLgmBZ%2FE1OW02ehUeiLu8ClJQ%2BBA5eZT9f2YNStMfPOIR9WUq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
870d0334a84267cc-MIA
x-pushplatformapp-params
unip
trc-events.taboola.com/1525342/log/3/
0
635 B
XHR
General
Full URL
https://trc-events.taboola.com/1525342/log/3/unip?en=pre_d_eng_tb&tos=1782&scd=0&ssd=1&est=1712524309930&ver=36&isls=true&src=i&invt=1500&msa=6&rv=1&tim=1712524311716&vi=1712524309910&ri=08e50022de497b445594ef9749ce98ad&sd=v2_981207d85410ea8be856e065c3bc5593_a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196_1712524310_1712524310_CIi3jgYQ3oxdGJbrnNPrMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiOu9DJnZuYkHNwAQ&ui=a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196&ref=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&cv=20240407-9-RELEASE&item-url=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
pragma
no-cache
date
Sun, 07 Apr 2024 21:11:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4E5BEC1F6B1D4941B71BF599F365E5BD&RedC=c.clarity.ms&MXFR=05685DACADCA62FB19F949F6A9CA6C8C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E5BEC1F6B1D4941B71BF599F365E5BD&MUID=3AC5B3BDCB24660D3956A7E7CA3867FE
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E5BEC1F6B1D4941B71BF599F365E5BD&MUID=3AC5B3BDCB24660D3956A7E7CA3867FE
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://win.click2win4life.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:51 GMT
last-modified
Fri, 01 Mar 2024 22:53:54 GMT
server
Microsoft-IIS/10.0
etag
"32434d562b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B825D356A1014453B85890DA92A78F40 Ref B: MIAEDGE2510 Ref C: 2024-04-07T21:11:52Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E5BEC1F6B1D4941B71BF599F365E5BD&MUID=3AC5B3BDCB24660D3956A7E7CA3867FE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
f.clarity.ms/
0
302 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://win.click2win4life.com
Date
Sun, 07 Apr 2024 21:11:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
C2W-favicon.png
d3v7hbq4afry8x.cloudfront.net/favicons/
2 KB
2 KB
Other
General
Full URL
https://d3v7hbq4afry8x.cloudfront.net/favicons/C2W-favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:a000:16:a31f:4840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61e5882ed4728bbeca31cf631770eb39565518e01c8078796f4e8d4f95e5fed2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 16:20:32 GMT
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
last-modified
Thu, 03 Feb 2022 14:15:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
17481
etag
"6552276e8e83c7ef39f40a4b57e3e8bf"
vary
Accept-Encoding
x-amz-meta-sha256
61e5882ed4728bbeca31cf631770eb39565518e01c8078796f4e8d4f95e5fed2
content-type
image/png
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
1823
x-amz-cf-id
5mQoPcgRuTXRuHbX3Xu-o-EbiaRUxgSXHOiQaVEJmGWM1VhFGDUeoQ==
x-amz-meta-s3b-last-modified
20220203T141317Z
events
apm.cylog.io/intake/v2/rum/
0
109 B
XHR
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.116.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-116-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Content-Encoding
gzip
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-ndjson
Referer
https://win.click2win4life.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
date
Sun, 07 Apr 2024 21:11:53 GMT
x-content-type-options
nosniff
content-length
0
events
apm.cylog.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.116.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-116-97.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://win.click2win4life.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Sun, 07 Apr 2024 21:11:53 GMT
vary
Origin
x-content-type-options
nosniff
collect
f.clarity.ms/
0
302 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://win.click2win4life.com
Date
Sun, 07 Apr 2024 21:11:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
unip
trc-events.taboola.com/1525342/log/3/
0
635 B
XHR
General
Full URL
https://trc-events.taboola.com/1525342/log/3/unip?en=pre_d_eng_tb&tos=4788&scd=0&ssd=1&est=1712524309930&ver=36&isls=true&src=i&invt=3000&msa=6&rv=1&tim=1712524314722&vi=1712524309910&ri=08e50022de497b445594ef9749ce98ad&sd=v2_981207d85410ea8be856e065c3bc5593_a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196_1712524310_1712524310_CIi3jgYQ3oxdGJbrnNPrMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiOu9DJnZuYkHNwAQ&ui=a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196&ref=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&cv=20240407-9-RELEASE&item-url=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
pragma
no-cache
date
Sun, 07 Apr 2024 21:11:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
events
apm.cylog.io/intake/v2/rum/
0
109 B
XHR
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Requested by
Host: d3v7hbq4afry8x.cloudfront.net
URL: https://d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.116.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-116-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Content-Encoding
gzip
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-ndjson
Referer
https://win.click2win4life.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://win.click2win4life.com
date
Sun, 07 Apr 2024 21:11:54 GMT
x-content-type-options
nosniff
content-length
0
events
apm.cylog.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://apm.cylog.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.116.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-116-97.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://win.click2win4life.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://win.click2win4life.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Sun, 07 Apr 2024 21:11:54 GMT
vary
Origin
x-content-type-options
nosniff
collect
analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TSC3CVVXJJ&gtm=45je4430v897480540za200&_p=1712524308869&gcd=13l3l3l3l1&npa=0&dma=0&cid=256552912.1712524310&ecid=1238411081&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=3&sid=1712524310&sct=1&seg=0&dl=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&dr=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D216%26email%3D%26aff_name%3DOceanic%2BMedia%2BBuyers%252C%2BInc.%26aff_id%3D2447%26aff_sub%3D69511%26aff_sub2%3D%26ha_transaction_id%3D66dd1a6028b2440d8abc6eb1384fdf58%26ha_offer_id%3D81%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D&dt=Click%202%20Win%204%20Life!&en=scroll&epn.percent_scrolled=90&_et=187&tfd=6942
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.113 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://win.click2win4life.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Apr 2024 21:11:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.click2win4life.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| s_user_email object| dataLayer string| session_id number| z function| nr_pageview string| domain string| img_name object| link function| $ function| jQuery function| extend function| moment object| BrowserDetect function| recaptchaOnSuccess object| RegPath object| $jscomp object| bootstrap object| selnbs boolean| pop function| updateSelNb function| quick function| quick_clear function| pick function| validate function| errorAlert string| GoogleAnalyticsObject function| ga object| elasticApm function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| postscribe object| google_tag_manager_external object| google_tag_manager function| fbq function| _fbq object| _tfa function| _rfi function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| UET function| UET_init function| UET_push object| ueto_10e0222f20 object| uetq object| recaptcha object| closure_lm_699174 function| onYouTubeIframeAPIReady object| googletag function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| clarity object| clarityuetq

59 Cookies

Domain/Path Name / Value
.taboola.com/whatifholdingsllc-sc/ Name: taboola_session_id
Value: v2_981207d85410ea8be856e065c3bc5593_a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196_1712524310_1712524310_CIi3jgYQ3oxdGJbrnNPrMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGiOu9DJnZuYkHNwAQ
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABIEJouTJjFqGi0Fwg6dEYuGhG-7jW5N1y5PwG2XA0CrIxs9EqooafXQ9Ty_bI3aYNgvCpP11M2Xm4vppmMeCvY
hottrk.com/ Name: vip_id
Value: 69511.47875-20150
qckrtr.com/ Name: hskp
Value: ufQs040776307%2C
qckrtr.com/ Name: skip
Value: -1712524307%2C4102
qckrtr.com/ Name: 1150_4102_0
Value: 1712524307
smd4.com/ Name: vip_id
Value: 1000.47875-16909
go.whatifoffers.com/ Name: uniqueClick_51GJL6
Value: 6728a6d7-6568-464f-b76a-9a735ef8fcfb:1712524308
go.whatifoffers.com/ Name: transaction_id
Value: 66dd1a6028b2440d8abc6eb1384fdf58
win.click2win4life.com/ Name: vertx-web.session
Value: 33c6ef0a95de71daecbacac8cdee1ffd
win.click2win4life.com/ Name: AWSALB
Value: PM+T7XgLgX/fT/zl+IoAqqWHpNfpBU8v0+WdP9asx31QsrycMvJ90b0WYPkouTHr/YnMXYazYc7yVFirmyLaercZOkZYNcySAcyE8yxPAL5VzmDdH+3uLvC6uR61
win.click2win4life.com/ Name: AWSALBCORS
Value: PM+T7XgLgX/fT/zl+IoAqqWHpNfpBU8v0+WdP9asx31QsrycMvJ90b0WYPkouTHr/YnMXYazYc7yVFirmyLaercZOkZYNcySAcyE8yxPAL5VzmDdH+3uLvC6uR61
.click2win4life.com/ Name: _gid
Value: GA1.2.1091515023.1712524310
.click2win4life.com/ Name: _gat
Value: 1
.click2win4life.com/ Name: _gcl_au
Value: 1.1.797707420.1712524310
.click2win4life.com/ Name: _uetsid
Value: 733027e0f52311eea6ab1f231095bc17
.click2win4life.com/ Name: _uetvid
Value: 73341da0f52311ee9ef5d119bcfbf417
.taboola.com/ Name: t_gid
Value: a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196
.taboola.com/ Name: t_pt_gid
Value: a1bfac7d-20ab-4c79-8594-dad134cf38da-tuctd0c9196
.bing.com/ Name: MUID
Value: 3AC5B3BDCB24660D3956A7E7CA3867FE
.bat.bing.com/ Name: MR
Value: 0
.click2win4life.com/ Name: _ga
Value: GA1.1.256552912.1712524310
.click2win4life.com/ Name: _ga_N3S3KMLTMB
Value: GS1.2.1712524310.1.0.1712524310.60.0.0
.click2win4life.com/ Name: _ga_TSC3CVVXJJ
Value: GS1.1.1712524310.1.0.1712524310.60.0.1238411081
.click2win4life.com/ Name: _fbp
Value: fb.1.1712524310675.1430342944
www.clarity.ms/ Name: CLID
Value: 6e1b1d0c961d42788ba925619962cf33.20240407.20250407
.click2win4life.com/ Name: _clck
Value: 10ogq53%7C2%7Cfkq%7C0%7C1558
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzMDAzsjCxsDQzNzE1tzAzE-Iz1A3PCXHX9TPOSgnNTQEAtJA12iQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzMDAzsjCxsDQzNzE1tzAzE-Iz1A3PCXHX9TPOSgnNTQEAtJA12iQAAAA
.click2win4life.com/ Name: _clsk
Value: 1bsqotr%7C1712524311154%7C1%7C1%7Cf.clarity.ms%2Fcollect
.casalemedia.com/ Name: CMID
Value: ZhMMF8AoJcYAAG.mANv-SgAA
.casalemedia.com/ Name: CMPS
Value: 2937
.casalemedia.com/ Name: CMPRO
Value: 2937
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968062848967457866
.pubmatic.com/ Name: PugT
Value: 1712524309
.demdex.net/ Name: demdex
Value: 50126297268249104830396182997829539705
.rezync.com/ Name: zync-uuid
Value: e36ceaed-71a3-43e2-973e-a3ebfb75e5b3:1712524311.3834748
.rlcdn.com/ Name: rlas3
Value: qmzF8r0kvITBNvI3xJxeQeXh0ur+vEIi7FpyQQxC2KY=
.rlcdn.com/ Name: pxrc
Value: CAA=
.dpm.demdex.net/ Name: dpm
Value: 50126297268249104830396182997829539705
.doubleclick.net/ Name: IDE
Value: AHWqTUnM3Vkuu6UiK4eJWZOck_eHaIrSoSpR6Ooo0Q_ZrkOoS3gjRvvc_MwuT0ZlkNc
.media.net/ Name: visitor-id
Value: 3555259111524429000V10
.media.net/ Name: data-rk
Value: 968062848967457866~~3
.bidswitch.net/ Name: tuuid
Value: 36d0b63b-ed3b-4470-8a79-062fda29ea06
.bidswitch.net/ Name: c
Value: 1712524311
.bidswitch.net/ Name: tuuid_lu
Value: 1712524311
.eyeota.net/ Name: mako_uid
Value: 18eba673cc4-63200000010a4c9f
.eyeota.net/ Name: SERVERID
Value: 19615~DM
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129QlNL0nOLinNMogqzgqLzDEwyjE3KQ_iNTQ3NDI1MjE2BDLMZjEi8Q0MzDeh8Xeh8U-h8V-h8X-h8ScxofIXofFXofE3ocuzoPJvIfONLYw3saK5lxvNfmHzVGOz5NTE1BRdc8NEY10T41QjXUtz41TdROPUpLQkc9NU0yRjK4QmPaCpJuYmFrOEkUyyNDRbhMo3fySMahMALglP23cBAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129QlNL0nOLinNMogqzgqLzDEwyjE3KW9iMU81NktOTUxN0TU3TDTWNTFONdK1NDdO1U00Tk1KSzI3TTVNMrYyNDc0MjUyMTY01DO2MDYxN7EAAOhGPvpYAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FuWQUtbuIxB7RKyyRZxPzPefX6-5B0wfmxbS7O2Q963rw0wv-qlDvmAXn-rPSFDYr1zUNLEQlGUGc4BuvVe322sy1UMebZiixNf0BFacEnQXEGbHpNEixNmLz7EQOj9DRVJSOH8A7lcJkA.ZhMMGA.FatOMezFxEu_072ftkD30StYNQA
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3AC5B3BDCB24660D3956A7E7CA3867FE
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3AC5B3BDCB24660D3956A7E7CA3867FE
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

108 Console Messages

Source Level URL
Text
other error URL: https://win.click2win4life.com/api/offer
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other warning URL: https://win.click2win4life.com/api/offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1152826321572698?v=2.9.152&r=stable&domain=win.click2win4life.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
