URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chro...
Submission: On December 17 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3030::6815:5001, located in United States and belongs to CLOUDFLARENET, US. The main domain is gift.amazejoy.com.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time gift.amazejoy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
6         2606:4700:303...   13335  (CLOUDFLAR...)
1         2606:4700:20:...   13335  (CLOUDFLAR...)
1         2600:9000:225...   16509  (AMAZON-02)
15        104.21.48.1        13335  (CLOUDFLAR...)
3         188.114.97.3       13335  (CLOUDFLAR...)
12        139.45.197.251     9002   (RETN-AS R...)
1         2a04:4e42::485     54113  (FASTLY)
Total: 40 requests, 8 IPs

Requests  Apex Domain    Transfer  Subdomains
21        amazejoy.com   211 KB    gift.amazejoy.com
12        bigrourg.net   19 KB     bigrourg.net
3         rtmark.net     3 KB      my.rtmark.net — Cisco Umbrella Rank: 10565
2         landerlab.io   17 KB     resources.landerlab.io — Cisco Umbrella Rank: 371582
                                   assets.landerlab.io — Cisco Umbrella Rank: 465294
1         jsdelivr.net   3 KB      cdn.jsdelivr.net — Cisco Umbrella Rank: 318
Total: 40 requests, 5 apex domains

Requests  Domain                   Requested by
21        gift.amazejoy.com        gift.amazejoy.com, bigrourg.net
12        bigrourg.net             gift.amazejoy.com, bigrourg.net
3         my.rtmark.net            gift.amazejoy.com, bigrourg.net
1         cdn.jsdelivr.net         gift.amazejoy.com
1         assets.landerlab.io      gift.amazejoy.com
1         resources.landerlab.io   gift.amazejoy.com
Total: 40 requests, 6 subdomains

This site contains no links.

Subject                  Issuer                                 Validity                  Valid
gift.amazejoy.com        WE1                                    2024-12-09 - 2025-03-09   3 months
resources.landerlab.io   WE1                                    2024-11-13 - 2025-02-11   3 months
*.landerlab.io           Amazon RSA 2048 M03                    2024-05-28 - 2025-06-25   a year
my.rtmark.net            WE1                                    2024-11-06 - 2025-02-04   3 months
bigrourg.net             E6                                     2024-12-01 - 2025-03-01   3 months
jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2024 Q3  2024-07-30 - 2025-08-31   a year

This page contains 1 frames:

Primary Page: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Frame ID: D46C2F1269A9265051F59F89287492FC
Requests: 39 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 40
HTTPS: 98 %
IPv6: 57 %
Domains: 5
Subdomains: 6
IPs: 8
Countries: 4
Transfer: 253 kB
Size: 442 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
gift.amazejoy.com/winneriq/
56 KB
11 KB
Document
General
Full URL
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276ee786f2d99126bffb4b3c9b39136e5f33eabcce2b8fac5fe7d7d30ab72b8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f3825e7ee4c65a9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 17 Dec 2024 16:04:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2amoDv6V1rlNXnKH7QXHRnTTE55pBUfZ3oZXgSWgf80BE5dBzDPfIoEBxZ6GavUwPgwQtcKFhFHPTQzms3n8vkeBHL7GbB6hmjH5sQSDFbG3JMAt%2Br6aVreF64bqopW%2FysoFrz%2B1XMEF%2FQx31NNjeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=26857&min_rtt=16545&rtt_var=16766&sent=7&recv=13&lost=0&retrans=1&sent_bytes=4881&recv_bytes=2549&delivery_rate=99536&cwnd=255&unsent_bytes=0&cid=b864e5c380867c55&ts=124&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff
styles.css
resources.landerlab.io/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://resources.landerlab.io/css/styles.css
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd491894502735c0d131cf37326f1b88d285c782fa44317f88f5423fe1eed30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3973994750e6bccfba2dd7f957249a0f"
age
4969
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PU75rgdXFyuZouygbXoI98V0RwDSlZ4X5vHCgXXG51mR7x32%2BXdK1QymAoDMIp7XHLF8bRGHHrcdYvASKvb05Wd%2FCjcq%2Fhtx%2FP%2FjaKq7wf2HygSPfWkmpOZbHeKz%2ByWQnx7q3vpbV%2FtkII7knN5uiE6hPYVC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=32350&min_rtt=26753&rtt_var=11470&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4066&recv_bytes=2174&delivery_rate=144609&cwnd=253&unsent_bytes=0&cid=30398fb7fcfb07c9&ts=52&x=0"
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=86400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e94e2e3673-FRA
access-control-allow-origin
*
server
cloudflare
base.css
assets.landerlab.io/
9 KB
9 KB
Stylesheet
General
Full URL
https://assets.landerlab.io/base.css
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c000:d:1314:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8c59c2712df25a26ecd01739496e49c3514a9341fa3cd21cfa98627ba6efa2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

x-amz-version-id
0sEXTlrAazg9KkJm7sv1lqt808WfgxiL
etag
"7f6de4e86d84bcbfd919f155e7545439"
age
52587
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8732
x-amz-cf-id
slOI7on07yo8VCx7V53ebf1_M-EIXEwIt44uheqUG6ejKBf7x0FY2A==
date
Tue, 17 Dec 2024 01:27:51 GMT
content-type
text/css
last-modified
Sat, 29 May 2021 19:05:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
jquery-3.6.0.min.js
gift.amazejoy.com/winneriq/
87 KB
31 KB
Script
General
Full URL
https://gift.amazejoy.com/winneriq/jquery-3.6.0.min.js
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"29c4e63801623c5ad6a13313b0cd8d2c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7n5kejDAWoeQTsLMZMyepqBbKgrjd612gg35voaqKZ8n34ilCZPyIoEgZgpjDY0rh9U7FJMhRiF9Gaem2M8gUO0KC%2FnWbv1O9wQA8IeiOCfqgHNlSzJQcaegMJRVTRkyGqO6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42364&min_rtt=16545&rtt_var=13143&sent=31&recv=26&lost=0&retrans=1&sent_bytes=20859&recv_bytes=3221&delivery_rate=452959&cwnd=257&unsent_bytes=0&cid=b864e5c380867c55&ts=217&x=0"
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e8cf6165a9-FRA
access-control-allow-origin
*
server
cloudflare
order_me.min.css
gift.amazejoy.com/winneriq/
5 KB
2 KB
Stylesheet
General
Full URL
https://gift.amazejoy.com/winneriq/order_me.min.css
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febec545d21f747f3b0d41022c174047e2d32cc07af5c87bf38eff494be11558
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"628cfa79cedd8a3e516d77d9dd6c9f76"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TW4XZZAvhRuH%2FO%2FSSj0hqNoc1Zlsj6Z%2BbdyOLA%2Fo8qrx1kh3a46VJlvUBYPSubu8Bq2JD%2BCCppzuUYkFpX0qA%2F1Nb934K53w718hQ6Bs4XDolDdpqRqV%2BAxdeBjyGOwW6zRKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42364&min_rtt=16545&rtt_var=13143&sent=85&recv=26&lost=0&retrans=1&sent_bytes=80786&recv_bytes=3221&delivery_rate=452959&cwnd=257&unsent_bytes=32425&cid=b864e5c380867c55&ts=221&x=0"
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e8cf5c65a9-FRA
access-control-allow-origin
*
server
cloudflare
sweetalert.css
gift.amazejoy.com/winneriq/
20 KB
4 KB
Stylesheet
General
Full URL
https://gift.amazejoy.com/winneriq/sweetalert.css
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ed9eb3ad7891712a628475ee0b6b26def660e5e976aa427ce9ec611fada488
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"c12fe0dcea43fb93839be66430fbbd29"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26wR94TFKha3gAZSk9FBAfKUUzSrNJqBvcUtngcX6LwXYou7CM0HEMP1gQP5KM2%2Fx0DScFS0sdVfb%2FzU8JZtDmOCQATsmVrmPci7oSDDvomq6NU9O9M3S9ybEaK44Ww2NiN0IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42364&min_rtt=16545&rtt_var=13143&sent=26&recv=26&lost=0&retrans=1&sent_bytes=16658&recv_bytes=3221&delivery_rate=452959&cwnd=257&unsent_bytes=0&cid=b864e5c380867c55&ts=212&x=0"
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e8cf5f65a9-FRA
access-control-allow-origin
*
server
cloudflare
iq.png
gift.amazejoy.com/winneriq/
4 KB
5 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/iq.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4568270afd17c40f119f3fb532acb90e95c66ea1fb4bf41da5370e2e864fabf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"7c29381f3b36326f64e9dfd7bc82a567"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRYJ9O3nbt64BS2Vz%2FGHtf%2FPvI5EXCaAdtuCKD6oED2aEFTj91XJ2d7soS%2FIyS9YC7oorltxSsnAK6GBA5U5wm2TnDJeCesweEo4%2B0B1AfgbDyEIIGUuqpCbvYaAMs8CktuEzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc66dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4463
server
cloudflare
11.png
gift.amazejoy.com/winneriq/
11 KB
12 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/11.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dec92af7874df17816bc236aefdb1af5d456cc562cbb5e6698a5e2eef51763e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"9c3d61924fa8b040cf6f475ab3ea1493"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGjIyGq0Nm29I91fjTBvaF6Hp9Iry82%2BUzubal6pSM4mkc%2FRIbLSy%2FehyKQIMw7h5bjXO8hp5rNrWTASdeJTmMfqzyvyVijlUJYmgeBAZY77am6y2E6gRiIBKGHG4Mmvvmvaeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42364&min_rtt=16545&rtt_var=13143&sent=85&recv=26&lost=0&retrans=1&sent_bytes=80786&recv_bytes=3221&delivery_rate=452959&cwnd=257&unsent_bytes=32425&cid=b864e5c380867c55&ts=246&x=0"
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e8cf6465a9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11375
server
cloudflare
aespinner.png
gift.amazejoy.com/winneriq/
67 KB
68 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/aespinner.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6edc0794d2385f6b4148b1a51e711e21f1097b79a4cc98564bb923c75ce260ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"0d18fdc5b696d12573c17cad10bbac99"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6Ow43aGD9eUv%2BswN0VoV%2B5p3TEWM%2BFtzUfp5rmD8bCKP2GvQa%2FzVbFsvWLATcKZIRA24wIwhV79t5Jy71Ab243%2Bsm6Y6hJa558LVYeujDgQfiKoVtsStnTg0nBEq9p8W7gcSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42364&min_rtt=16545&rtt_var=13143&sent=61&recv=26&lost=0&retrans=1&sent_bytes=52797&recv_bytes=3221&delivery_rate=452959&cwnd=257&unsent_bytes=0&cid=b864e5c380867c55&ts=220&x=0"
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e8cf6565a9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
68639
server
cloudflare
spin.png
gift.amazejoy.com/winneriq/
9 KB
10 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/spin.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
661a42f28393a654900c07858bc59ef1c608420765e93788aa3f58dcd8c84bc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"286077e577d35a59685c44e110463c5c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqfShOBji2RyH3BYUQ6e2Gj%2BgRtCm5pDUOMlq1LlG0aDESNYDe4qTVeFdWBn8wsGTupX4QvEXXLJ8vQ0YZpz49zJ8zd1LK9fDvWosE97qwhC8KI3zACrrZO1BKJXVHu%2F8rcjgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e97c61dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
9424
server
cloudflare
1.png
gift.amazejoy.com/winneriq/
6 KB
7 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/1.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d000b1f039af49883e87ffd5f833b6fcc569f4beb6a885711af5ae0043e904d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"376026b60ad7a6dd36d4b7fdc27d628b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qB22n02F%2Bg0Bz2CSFWcZvnKp21r1u6MVaj8T2OankB5fE2yhnOLHNDYvOke2CZK6gAhgzkp1C9rygCc2d0VzsfH0CEyPYfjZf13kZpuaYNM7IRSvsEMpnDxk1WfTMdkK5sJ%2BFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e97c62dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6593
server
cloudflare
2.png
gift.amazejoy.com/winneriq/
9 KB
10 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/2.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e383372d3bdd8ceb921ebb1e418a04255298684fbdb798b5cea44d842eb73d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"169c02fcf8cb4345eb770192d64fc8bf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qaJ4qbchWlldEUs975diFjl96aPIlBoXDPgs1htUy0uulCW2Pq8ioJcdoexIEUhERKwE8WWG%2FnLs9mrecsW0vBnLNhJKrFOARu0JQL0a7C7lZziQ24YGnvYlMgLF8TaXoJCqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc64dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
9315
server
cloudflare
3.png
gift.amazejoy.com/winneriq/
7 KB
7 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/3.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25820d17500a5206d3d09b631799e613275270d21b2c2bcaf63da6018201f435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"2ed470cf9d601f936c3eb1e2ab903ca3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFPRc2xsHRRqREdE38oQ%2FP60oXwBXQ5D%2BNYoxSEXuBdNTx6waURpHPUbugnb43BYToLoNDzgQpt2QYKS7gLcKMhnZxGskdqrVy5%2B5fdaSnlTQDVlAFgWaj3laDKUkOZ5C1XJGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc69dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7037
server
cloudflare
4.png
gift.amazejoy.com/winneriq/
8 KB
9 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/4.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82120fa5f2f88824ba507119f2cceed10e4cb3f84b30659cd7558010e30eed25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
MISS
etag
"bcdb13bcfb06b01936bccc94702f0cde"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3r458V41UDyZp0VGDx5q2s3fXJOlYJTjIiiVZwB5%2BowDt6%2BWe9sHBJ2qXmVtRE%2FB8%2BCxVX5xlvWuJzhAW1kIORmtIFSp4o67O2j%2B8GwjENeax7v3lkDmvDnMOpHGBI4H%2FyMX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc67dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8391
server
cloudflare
5.png
gift.amazejoy.com/winneriq/
8 KB
8 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/5.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e76986b77222daab956213dc756a860f2225eae1477911df387ad395bf15aeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"94cd66d9f2010006b6e0512072217bd6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V74V1OZblC0l1Oq1TEbccNzVAKIR4uOeYateOhR3ReK1eHPYBxnSFto0bQsmOup7nVlA%2BKMt4Gbp%2Bl4FflRSuNdp7nNaqftT4NhRZf3iJFfJUk1F77TOv2gtNcQpgC8jc4j1zA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc68dbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8042
server
cloudflare
6.png
gift.amazejoy.com/winneriq/
7 KB
8 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/6.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84091d2046c31d08b8723c279a5a0434c3d913cda4dc503173f8c7bd960e941f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
MISS
etag
"d5ade68168f2198c48fe399e6f469bdb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wY8ujJ5bhuKZR4rcbXCD%2FnbQaDzMKsmd1YOgEdAPOALcHgPa4dbcGtTJ2cNF0bpupqWRNcLcyjV0R7WvzD9rwJcEtDhvkgp70nxioJ6J9R6ayPZM8Zq3W%2F5AIrI0aOjP37sCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc6bdbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7522
server
cloudflare
7.png
gift.amazejoy.com/winneriq/
7 KB
8 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/7.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c351b52526f9ca8afbf413bdd62dc87e7c98e88cd3065fa592cf2e502694addc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"f9335e549a9304a2f3993faa5e7ce5db"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FI1rYcmDg3WH3CZlvM54klpxDeR9N9Whe3vfvkzyFO5hHASOf9RPB2jhnT9ogkiHNPfMCpAG6cSyTkNHU8xEnt0XEHxaC74Y8tWrYKPCqLZgocEpIcM1INf%2FhCYxGesR%2F%2FD%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc6adbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7287
server
cloudflare
8.png
gift.amazejoy.com/winneriq/
8 KB
8 KB
Image
General
Full URL
https://gift.amazejoy.com/winneriq/8.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42c65af490e4077bd13f77c204b5d1a0c2fac87540f5715b430be8c59b52cd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cf-cache-status
REVALIDATED
etag
"544031e8d5d48f7b535ff87dda9996ee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBxegWnd2lcv6Y7HulaLPzWKU%2F1ymaG1uLFMSiueoCVJ7J3VYdM8DuN1iAEAXkM0bNYqkJPNyiTyzxY8DgS7WD4T40Y89WMMQhhJtulNTkgrTWq4jzNAGJdL5PyKKDq%2FGG4j%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825e9dc6cdbad-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7848
server
cloudflare
translate42.js
gift.amazejoy.com/winneriq/
3 KB
2 KB
Script
General
Full URL
https://gift.amazejoy.com/winneriq/translate42.js
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8d53d5bbdb7e289a41e92bc46a6aa756a371d74c32427a260c63f590bf7893
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"3ed83a13baf0600240ff1af4c6cf43c8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGvfgxxem3LEnx6qxfuo0sWq2RrqMxuSqMAmXzain5MCG74%2BbKyPlylXcp5XyRlMEhBgBrW%2BcShQB9c32z965BZwwRSqspySgL7YfXmrX34u4AXt4Rs%2BLmxoA4Q3CQIC6nxIDg%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f3825e9dc65dbad-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
p.js
my.rtmark.net/
697 B
1 KB
Script
General
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=fc4796a0f84ee5f3e88829e1174ab5f3ad650df123378b90e2c1ed78709a6337
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13bc6a7b723b6b4a785d7931511c4ec24a412edd1d03fa571ef67abbbfb10e6c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIPfZTiDS0DuiySAO2j9XwpOg7Ed2N9Qrb0wD%2BDEeGkwxDbn6Z1llXhy15S1bf%2B9yFQijmDN%2BrmEuBjMf46wwsuEH%2B0SzAy68DNpT7diMgHnUtFP0NZBInACXrwNTWeD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41709&min_rtt=41655&rtt_var=15659&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4284&delivery_rate=77274&cwnd=12000&unsent_bytes=0&cid=1e7fe6b1c7a85bf0&ts=64&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
text/javascript
priority
u=3,i=?0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f3825ea1e089a1e-FRA
access-control-allow-origin
*
server
cloudflare
micro.tag.min.js
bigrourg.net/act/files/
44 KB
18 KB
Script
General
Full URL
https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
414cb60d56bf9841c45d281705f3b2f75cfa783a009375c8f77cbea79ead85e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

cache-control
no-cache
content-encoding
gzip
etag
W/"675c1a13-b170"
pragma
no-cache
access-control-allow-credentials
true
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 11:27:15 GMT
server
nginx
css.css
gift.amazejoy.com/winneriq/
7 KB
1 KB
Stylesheet
General
Full URL
https://gift.amazejoy.com/winneriq/css.css
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/order_me.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3b7a9c0f761e7c418e60936ff8ccb9e875467ffdf882c677c3a656da1dc182
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/order_me.min.css

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"236cc8c345cb58ccfce5163a5bd7a073"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xCg9il2Dyf0u723Doh5hjpK4z3Krtm51mkjDR9qNR8QeTfv98pkMjsQ5dFfVAqdyvOIGpfGyFg1z6xg%2B%2FcHoAdUj%2BhQrz1Ftgw9v3x81ELM3wGQ9%2FL3NGYY%2BWYepoUrNc9SVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f3825e9dc6ddbad-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
like.png
gift.amazejoy.com/winneriq/
0
432 B
Image
General
Full URL
https://gift.amazejoy.com/winneriq/like.png
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cache-control
no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zraoSvmiXE29f5jy9TxBNPDEn%2FPnjhHYWmwM3ShpKqMhONTlYGs8Vqd%2FqLego1kzMTyadztAVuqSuiXdVwtY0XrZDtLuAO64kmIRp9CvCbuOXwgiwrYCE5oQAvqUFw7ElBIYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825eaac6edbad-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 16:04:17 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
gift.amazejoy.com/
0
440 B
Other
General
Full URL
https://gift.amazejoy.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

cache-control
no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtoY3QtkE9%2FH%2BndjYADMuSzy37e93%2FaRJdCyModg3aYYIvsyycIb4d7jXuNLpx1J5XuXt7ZA%2BoVD%2BX1V8rp9PE%2FV7tOsBp%2B6gMIVwA3X8TBKGs%2FSM4HmsdklinHU3Md28qJWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825eb6c6fdbad-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 16:04:17 GMT
vary
Accept-Encoding
server
cloudflare
sw-check-permissions-a8582.js
gift.amazejoy.com/
0
798 B
Other
General
Full URL
https://gift.amazejoy.com/sw-check-permissions-a8582.js?zoneId=7912190
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"754053796b774e9a9b59c9fe985a357f"
age
1916
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsONkEOLqxsDvu6v2Hm8gXfx8HcI7HeSjt0sv5vEBTyPO9AE9kld5xjzZs9cPCrmyedGkzQhyOmPSe3JCZgMwDWouwIm5c4nsHVlI%2B8xJi2vNuumZgrGdHcnWfYRKxbG7C9NEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f3825eb7c70dbad-FRA
access-control-allow-origin
*
server
cloudflare
zone
bigrourg.net/
0
336 B
Ping
General
Full URL
https://bigrourg.net/zone?pub=0&zone_id=7912190&is_mobile=false&domain=gift.amazejoy.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.577&trace_id=9f65b94d-720c-4552-96cd-77b4cb098715&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

strict-transport-security
max-age=1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://gift.amazejoy.com
content-length
0
date
Tue, 17 Dec 2024 16:04:17 GMT
server
nginx
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

gid.js
my.rtmark.net/
65 B
928 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7912190&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8948748408e27e73cb1c7a64de747f086d56bee344ee14311c8f5ff9818fc6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mIBeEUKEbKNjGxaJFokuQf8avWMNkh%2F3G1POt347Q7Mjdn2Cn8igiJxRmUezyNgqmPA7DuEXfD3vfSbvhKpiZwlfTAXj5JJDjGk3jADFFNJgane0MArZJYD2xF3A5IXl"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45085&min_rtt=38468&rtt_var=12859&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5448&recv_bytes=4824&delivery_rate=21173&cwnd=12000&unsent_bytes=0&cid=1e7fe6b1c7a85bf0&ts=289&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f3825eb7f169a1e-FRA
access-control-allow-origin
https://gift.amazejoy.com
server
cloudflare
event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

zone
bigrourg.net/
476 B
847 B
Fetch
General
Full URL
https://bigrourg.net/zone?pub=0&zone_id=7912190&is_mobile=false&domain=gift.amazejoy.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.577&trace_id=9f65b94d-720c-4552-96cd-77b4cb098715&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
80c1b7d77241cf5010ebb24c6924b346421f41ec67ee8c7046515d490fda1d7c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

strict-transport-security
max-age=1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://gift.amazejoy.com
content-length
476
date
Tue, 17 Dec 2024 16:04:17 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

img.gif
my.rtmark.net/
43 B
848 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=fc4796a0f84ee5f3e88829e1174ab5f3ad650df123378b90e2c1ed78709a6337&ttl=&rurl=https%3A%2F%2Fgift.amazejoy.com%2Fwinneriq%2F%3Fos_version%3D10%26os_name%3DAndroid%26country_code%3DIQ%26t1%3D6542888%26t2%3D8929053%26t3%3Dfinance%26t4%3Dchrome%26t5%3D2106213%26t6%3Dandroid13%26t7%3D22710558%26t8%3Dar%26t9%3Dallaynawroztelecomcompanyforcommunicationltd.%26t10%3Dmedium%26uclick%3Dzwhqxi%26uclickhash%3Dzwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeEzLGKIyZ74%2BrkAacqZgbEFPhyaMxPmWonw6v3rkXJfMHx%2FrWKHen0Qhj4yol%2BG7jo1J0NynxcZcOGZlIDLhvLM3mf7%2FENuQ2AdTq3YQQB%2FXAqbrB5gAYVtQUhX3%2FS1"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46718&min_rtt=38468&rtt_var=12911&sent=16&recv=14&lost=0&retrans=0&sent_bytes=6423&recv_bytes=5555&delivery_rate=11436&cwnd=12000&unsent_bytes=0&cid=1e7fe6b1c7a85bf0&ts=644&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 16:04:18 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f3825edb9439a1e-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
event
bigrourg.net/
0
0
Ping
General
Full URL
https://bigrourg.net/event
Requested by
Host: bigrourg.net
URL: https://bigrourg.net/act/files/micro.tag.min.js?z=7912190&sw=/sw-check-permissions-a8582.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gift.amazejoy.com/

Response headers

confetti.browser.min.js
cdn.jsdelivr.net/npm/canvas-confetti@1.3.2/dist/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js
Requested by
Host: gift.amazejoy.com
URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0f6abd6628192f247d12f3cf00b63a83166350a692af712518d878e490e7c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gift.amazejoy.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1cc9-wevr7/EXcpYRf+SfggqM6T0BbWU"
age
1154184
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 17 Dec 2024 16:04:20 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230066-FRA, cache-mad22048-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
2978
x-jsd-version
1.3.2
5cf66f5c-05c3-4477-a8d6-e4cb57d1f087
https://gift.amazejoy.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gift.amazejoy.com
URL
blob:https://gift.amazejoy.com/5cf66f5c-05c3-4477-a8d6-e4cb57d1f087

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| s
function| openWindows
function| $
function| jQuery
function| startRedirectTimer
function| resetRedirectTimer
function| startTimer
function| hidemodal01
function| hidemodal02
function| getBrowserLanguage
function| setLanguage
object| zfgformats
function| confetti

1 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: 0181354952eb4d61e3fe90923b93bf60

3 Console Messages

Source Level URL
Text
network error URL: https://gift.amazejoy.com/winneriq/like.png
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://gift.amazejoy.com/winneriq/?os_version=10&os_name=Android&country_code=IQ&t1=6542888&t2=8929053&t3=finance&t4=chrome&t5=2106213&t6=android13&t7=22710558&t8=ar&t9=allaynawroztelecomcompanyforcommunicationltd.&t10=medium&uclick=zwhqxi&uclickhash=zwhqxi-zwhqxi-6j-0-e2-pmbl-pm8n-da544b
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A020490ADC310000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://gift.amazejoy.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
