www.powerensemble.com Open in urlscan Pro
185.3.185.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/2xNX0RR#WFnEHQmjmYxxNDADYzEf
Effective URL:
https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-...
Submission: On March 28 via api (March 28th 2020, 7:45:08 pm UTC) from BE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 11 domains to perform 33 HTTP transactions. The main IP is 185.3.185.190, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.powerensemble.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 5th 2020. Valid for: 3 months.

This is the only time www.powerensemble.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	49.12.44.41 49.12.44.41	24940 (HETZNER-AS) (HETZNER-AS)
1 2	107.167.88.28 107.167.88.28	53755 (IOFLOOD) (IOFLOOD)
1 2	107.172.7.100 107.172.7.100	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	78.142.29.109 78.142.29.109	201133 (VERDINA) (VERDINA)
1 1	104.18.27.185 104.18.27.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:4795	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.17.214.35 104.17.214.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.211.36.178 52.211.36.178	16509 (AMAZON-02) (AMAZON-02)
25	185.3.185.190 185.3.185.190	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
3	2606:4700:10:... 2606:4700:10::6816:78f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	7

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.44.41 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.44.12.49.clients.your-server.de

v060.jinkiettan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.167.88.28 (Phoenix, United States) 1 redirects

ASN53755 (IOFLOOD, US)
PTR: we.love.servers.at.ioflood.net

hicklopo-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.172.7.100 (Buffalo, United States) 1 redirects

ASN36352 (AS-COLOCROSSING, US)
PTR: 107-172-7-100-host.colocrossing.com

qalkawell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.142.29.109 (Bulgaria)

ASN201133 (VERDINA, BZ)

laudypauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.185 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wbtutorials.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4795 (United States)

ASN13335 (CLOUDFLARENET, US)

www1.avantgardereviewzz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.214.35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.oteuforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.211.36.178 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-36-178.eu-west-1.compute.amazonaws.com

trck.easytrck123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 185.3.185.190 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

www.powerensemble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:78f (United States)

ASN13335 (CLOUDFLARENET, US)

eu.winnernotification.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	powerensemble.com www.powerensemble.com	416 KB
3	winnernotification.com eu.winnernotification.com	36 KB
3	easytrck123.com 2 redirects trck.easytrck123.com	4 KB
2	qalkawell.com 1 redirects qalkawell.com	1 KB
2	hicklopo-in.com 1 redirects hicklopo-in.com	1 KB
1	oteuforum.com 1 redirects www.oteuforum.com	948 B
1	avantgardereviewzz.xyz www1.avantgardereviewzz.xyz	2 KB
1	wbtutorials.com 1 redirects www.wbtutorials.com	1 KB
1	laudypauty.com laudypauty.com	443 B
1	jinkiettan.com 1 redirects v060.jinkiettan.com	357 B
1	bit.ly 1 redirects bit.ly	290 B
33	11

	Domain	Requested by
25	www.powerensemble.com	www.powerensemble.com
3	eu.winnernotification.com	www.powerensemble.com eu.winnernotification.com
3	trck.easytrck123.com	2 redirects
2	qalkawell.com	1 redirects hicklopo-in.com
2	hicklopo-in.com	1 redirects
1	www.oteuforum.com	1 redirects
1	www1.avantgardereviewzz.xyz	laudypauty.com
1	www.wbtutorials.com	1 redirects
1	laudypauty.com	qalkawell.com
1	v060.jinkiettan.com	1 redirects
1	bit.ly	1 redirects
33	11

This site contains no links.

Subject Issuer	Validity	Valid
qalkawell.com Let's Encrypt Authority X3	`2020-01-16` - `2020-04-15`	3 months	crt.sh
www.laudypauty.com Go Daddy Secure Certificate Authority - G2	`2019-04-30` - `2020-06-28`	a year	crt.sh
trck.easytrck123.com Amazon	`2020-03-01` - `2021-04-01`	a year	crt.sh
www.powerensemble.com Let's Encrypt Authority X3	`2020-02-05` - `2020-05-05`	3 months	crt.sh
winnernotification.com CloudFlare Inc ECC CA-2	`2019-05-22` - `2020-05-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5
Frame ID: 896F820F173E562AD4E9F0C1D85F5BE5
Requests: 32 HTTP requests in this frame

Frame: https://eu.winnernotification.com/pushweb/assets/m_main.html
Frame ID: 9A6083FB9A617F6E0AD6A791FE9CE021
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gagner en Ligne

Page URL History Show full URLs

https://bit.ly/2xNX0RR HTTP 301
http://v060.jinkiettan.com/r.php?t=c&d=0&l=0&c=0&cr=882 HTTP 302
http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0 Page URL
https://hicklopo-in.com/r2/eccd4f0d-a321-4b1c-b322-9fd227a2499a////1e7ada9c-841c-4efa-80fe-2e1a44bba... HTTP 302
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-8... Page URL
https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991////b69999b3-63d2-4563-8a36-6b821b19c... HTTP 302
https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144 Page URL
https://www.wbtutorials.com/e7d741a7-d679-46b5-82e0-fb8353334c97?4=&3=&5=&6=&7=&8=472125&2=&1=893709597&... HTTP 302
http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjX... Page URL
http://www.oteuforum.com/click HTTP 302
https://trck.easytrck123.com/aff_c?offer_id=4419&aff_id=8545&url_id=18468&aff_sub=e7d741a7-d679-46b5-82e0... HTTP 302
https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcg... Page URL
https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&redirect_pass=1&url=https%3A%2F%2Fwww.powere... HTTP 302
https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545... Page URL

Page Statistics

33
Requests

94 %
HTTPS

18 %
IPv6

11
Domains

11
Subdomains

7
IPs

4
Countries

457 kB
Transfer

751 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/2xNX0RR HTTP 301
http://v060.jinkiettan.com/r.php?t=c&d=0&l=0&c=0&cr=882 HTTP 302
http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0 Page URL
https://hicklopo-in.com/r2/eccd4f0d-a321-4b1c-b322-9fd227a2499a////1e7ada9c-841c-4efa-80fe-2e1a44bba683/?s1=0&s2=0&s3=0&s4=0&fctr=0 HTTP 302
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683 Page URL
https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991////b69999b3-63d2-4563-8a36-6b821b19c144/?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683&red_param_1=http%3A%2F%2Fhicklopo-in.com%2Fr%2Feccd4f0d-a321-4b1c-b322-9fd227a2499a%2F%3Fs1%3D0%26s2%3D0%26s3%3D0%26s4%3D0&fctr=1 HTTP 302
https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144 Page URL
https://www.wbtutorials.com/e7d741a7-d679-46b5-82e0-fb8353334c97?4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 HTTP 302
http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6IUGbkYzMu9l73fiBzYThpEZqwSsDaYNyyW_X1cA349kAPnTAdg0ScJiDfIT0eC3P45onGp4WtUOJ7yHLNWhp5JpcZTDaj4GQKNGxUVMdQP3qL7ttx5LTXuQKLYHruUfo94AT_ov3F0GSy2txHoO4CfXtZB8igHnkuth1LXvl50IUGMa-MliRm-v7Bhq3C0dKVIZSENuhJoaBVnSHtc0aSVM2r2c4reBUfAs06y4PGj5Kzmno5MnMiO&lptoken=15b48506429364fb9011&4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 Page URL
http://www.oteuforum.com/click HTTP 302
https://trck.easytrck123.com/aff_c?offer_id=4419&aff_id=8545&url_id=18468&aff_sub=e7d741a7-d679-46b5-82e0-fb8353334c97&aff_sub2=ddk4juplo1fj1ruth8h1ql1u&aff_sub3=e7d741a7-d679-46b5-82e0-fb8353334c97 HTTP 302
https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367 Page URL
https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&redirect_pass=1&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367 HTTP 302
https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/2xNX0RR HTTP 301
http://v060.jinkiettan.com/r.php?t=c&d=0&l=0&c=0&cr=882 HTTP 302
http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0

Request Chain 1

https://hicklopo-in.com/r2/eccd4f0d-a321-4b1c-b322-9fd227a2499a////1e7ada9c-841c-4efa-80fe-2e1a44bba683/?s1=0&s2=0&s3=0&s4=0&fctr=0 HTTP 302
https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683

Request Chain 2

https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991////b69999b3-63d2-4563-8a36-6b821b19c144/?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683&red_param_1=http%3A%2F%2Fhicklopo-in.com%2Fr%2Feccd4f0d-a321-4b1c-b322-9fd227a2499a%2F%3Fs1%3D0%26s2%3D0%26s3%3D0%26s4%3D0&fctr=1 HTTP 302
https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144

Request Chain 3

https://www.wbtutorials.com/e7d741a7-d679-46b5-82e0-fb8353334c97?4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 HTTP 302
http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6IUGbkYzMu9l73fiBzYThpEZqwSsDaYNyyW_X1cA349kAPnTAdg0ScJiDfIT0eC3P45onGp4WtUOJ7yHLNWhp5JpcZTDaj4GQKNGxUVMdQP3qL7ttx5LTXuQKLYHruUfo94AT_ov3F0GSy2txHoO4CfXtZB8igHnkuth1LXvl50IUGMa-MliRm-v7Bhq3C0dKVIZSENuhJoaBVnSHtc0aSVM2r2c4reBUfAs06y4PGj5Kzmno5MnMiO&lptoken=15b48506429364fb9011&4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597

Request Chain 4

http://www.oteuforum.com/click HTTP 302
https://trck.easytrck123.com/aff_c?offer_id=4419&aff_id=8545&url_id=18468&aff_sub=e7d741a7-d679-46b5-82e0-fb8353334c97&aff_sub2=ddk4juplo1fj1ruth8h1ql1u&aff_sub3=e7d741a7-d679-46b5-82e0-fb8353334c97 HTTP 302
https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367

33 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/ Redirect Chain https://bit.ly/2xNX0RR http://v060.jinkiettan.com/r.php?t=c&d=0&l=0&c=0&cr=882 http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0	701 B 868 B	346ms 318ms	Document text/html	107.167.88.28 IOFLOOD
General Check archive.org Show headers Download Go to Full URL http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0 Protocol HTTP/1.1 Server 107.167.88.28 Phoenix, United States, ASN53755 (IOFLOOD, US), Reverse DNS we.love.servers.at.ioflood.net Software nginx / Resource Hash `4ed51528a5446ef1b6b15e216f2099efc733b32b559edf7827c01c947083b38e` Request headers Host hicklopo-in.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx Date Sat, 28 Mar 2020 19:44:48 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie b76d1dc4-649c-45b2-9522-67728b9d4b2c=1e7ada9c-841c-4efa-80fe-2e1a44bba683; Version=1; Expires=Sun, 29-Mar-2020 19:44:48 GMT; Max-Age=86400; Domain=hicklopo-in.com; Path=/ b76d1dc4-649c-45b2-9522-67728b9d4b2c-check=1e7ada9c-841c-4efa-80fe-2e1a44bba683; Version=1; Expires=Sat, 28-Mar-2020 19:54:48 GMT; Max-Age=600; Domain=hicklopo-in.com; Path=/ Cache-Control no-cache Expires Sat, 28 Mar 2020 19:44:48 GMT Content-Encoding gzip Redirect headers Date Sat, 28 Mar 2020 19:44:48 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 Location http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0 Content-Length 25 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	/ Show response qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991///// Redirect Chain https://hicklopo-in.com/r2/eccd4f0d-a321-4b1c-b322-9fd227a2499a////1e7ada9c-841c-4efa-80fe-2e1a44bba683/?s1=0&s2=0&s3=0&s4=0&fctr=0 https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683	851 B 958 B	658ms 186ms	Document text/html	107.172.7.100 AS-COLOCROSSING
General Check archive.org Show headers Download Go to Full URL https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683 Requested by Host: hicklopo-in.com URL: http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 107.172.7.100 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US), Reverse DNS 107-172-7-100-host.colocrossing.com Software nginx / Resource Hash `efa3187fac85d3337d9522fe8f31e0ae06f654c1c76c194341d6b99c4a14b37b` Request headers Host qalkawell.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer http://hicklopo-in.com/r/eccd4f0d-a321-4b1c-b322-9fd227a2499a/?s1=0&s2=0&s3=0&s4=0#WFnEHQmjmYxxNDADYzEf Response headers Server nginx Date Sat, 28 Mar 2020 19:44:49 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=b69999b3-63d2-4563-8a36-6b821b19c144; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=qalkawell.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=b69999b3-63d2-4563-8a36-6b821b19c144; Version=1; Expires=Sat, 28-Mar-2020 19:54:49 GMT; Max-Age=600; Domain=qalkawell.com; Path=/ Cache-Control no-cache Expires Sat, 28 Mar 2020 19:44:49 GMT Content-Encoding gzip Redirect headers Server nginx Date Sat, 28 Mar 2020 19:44:49 GMT Content-Length 137 Connection keep-alive Location https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683 Cache-Control no-cache Expires Sat, 28 Mar 2020 19:44:49 GMT
GET H/1.1	200 OK	Cookie set b69999b3-63d2-4563-8a36-6b821b19c144 Show response laudypauty.com/fff0852e2b321b3800/100/ Redirect Chain https://qalkawell.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991////b69999b3-63d2-4563-8a36-6b821b19c144/?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683&red_param_1=http%3A%2F%2Fhicklopo-in.com%2Fr%... https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144	189 B 443 B	670ms 467ms	Document text/html	78.142.29.109 VERDINA
General Check archive.org Show headers Download Go to Full URL https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144 Requested by Host: qalkawell.com URL: https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.142.29.109 , Bulgaria, ASN201133 (VERDINA, BZ), Reverse DNS Software Apache / Resource Hash `79592ea1b5ea83ad5656fe54d392f6c9ded1510dc81a0fe42dce75cbf8e8dcc2` Request headers Host laudypauty.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://qalkawell.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/////?fctr=1&ptid=1e7ada9c-841c-4efa-80fe-2e1a44bba683 Response headers Date Sat, 28 Mar 2020 19:44:50 GMT Content-Type text/html; charset=UTF-8 Content-Length 189 Server Apache Set-Cookie uid10498=893709597-20200328144450-d7fbf5f46bf47d86452532b502097749-; domain=; path=/; SameSite=None; Secure Redirect headers Server nginx Date Sat, 28 Mar 2020 19:44:50 GMT Content-Length 105 Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=b69999b3-63d2-4563-8a36-6b821b19c144; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=qalkawell.com; Path=/ Location https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144 Cache-Control no-cache Expires Sat, 28 Mar 2020 19:44:50 GMT
GET H/1.1	200 OK	Cookie set index.html Show response www1.avantgardereviewzz.xyz/link/af/ Redirect Chain https://www.wbtutorials.com/e7d741a7-d679-46b5-82e0-fb8353334c97?4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6I...	6 KB 2 KB	72ms 51ms	Document text/html	2606:4700::6812:4795 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6IUGbkYzMu9l73fiBzYThpEZqwSsDaYNyyW_X1cA349kAPnTAdg0ScJiDfIT0eC3P45onGp4WtUOJ7yHLNWhp5JpcZTDaj4GQKNGxUVMdQP3qL7ttx5LTXuQKLYHruUfo94AT_ov3F0GSy2txHoO4CfXtZB8igHnkuth1LXvl50IUGMa-MliRm-v7Bhq3C0dKVIZSENuhJoaBVnSHtc0aSVM2r2c4reBUfAs06y4PGj5Kzmno5MnMiO&lptoken=15b48506429364fb9011&4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 Requested by Host: laudypauty.com URL: https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144 Protocol HTTP/1.1 Server 2606:4700::6812:4795 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a3f87103627dbf8b26b2cc86470a21f29884256be4d2ea6d931b8ad8c40d03f` Request headers Host www1.avantgardereviewzz.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://laudypauty.com/fff0852e2b321b3800/100/b69999b3-63d2-4563-8a36-6b821b19c144 Response headers Date Sat, 28 Mar 2020 19:44:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d327b60bf8166200cd503a2ddd0bb9fd41585424691; expires=Mon, 27-Apr-20 19:44:51 GMT; path=/; domain=.www1.avantgardereviewzz.xyz; HttpOnly; SameSite=Lax Last-Modified Thu, 14 Nov 2019 17:18:15 GMT Vary Accept-Encoding CF-Cache-Status HIT Age 1951357 Expires Sun, 28 Mar 2021 19:44:51 GMT Cache-Control public, max-age=31536000 Server cloudflare CF-RAY 57b3d91eee0e1f3d-FRA Content-Encoding gzip Redirect headers status 302 date Sat, 28 Mar 2020 19:44:50 GMT content-length 0 set-cookie __cfduid=d67c25a729c2c20e2c2fd2406a0ee3f771585424690; expires=Mon, 27-Apr-20 19:44:50 GMT; path=/; domain=.wbtutorials.com; HttpOnly; SameSite=Lax e7d741a7-d679-46b5-82e0-fb8353334c97-v4=e7d741a7-d679-46b5-82e0-fb8353334c97; Max-Age=86400; Expires=Sun, 29-Mar-2020 19:44:50 GMT; Domain=www.wbtutorials.com; Path=/; HttpOnly cep-v4=nfFpKVQtrnN2IXpRdDvYeSHEO6-gPiednh23cUexq7KsK6ZvfSZHb6bZS-7Dy8Kg_TYs1R1cE5mTourTH29mRW7ZNuGwLgzfAzcE3xdpvvA92lWmJb-b-nR7JUMbSCjcVap20s8BLhsqg1aXZ6ZTpPESWJgFe-BFnGYZp85fYaCYnM5rsE-rcKaNHP7FlXaPwvNQxJMRYvwGtJjDGSd7BX14zwdT9yjZAPVRzTSSZpwzQSlaJ7RX4TGJGtLHxLzd_2VxkKeJF0BvWFN1Kp9AJyEtETYoe1ROEw7YzQlsU2bxn4E2i7n6Kb2vxmMjUp1ewRTNldxADLAZel20oAVvKTQDDRbEGDNOzvaFpPJo3ToU2TjceGwsQ1hWNhQDscoJ; Max-Age=86400; Expires=Sun, 29-Mar-2020 19:44:50 GMT; Domain=www.wbtutorials.com; Path=/; HttpOnly cache-control no-store, no-cache, pre-check=0, post-check=0 expires Thu, 01 Jan 1970 00:00:00 GMT location http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6IUGbkYzMu9l73fiBzYThpEZqwSsDaYNyyW_X1cA349kAPnTAdg0ScJiDfIT0eC3P45onGp4WtUOJ7yHLNWhp5JpcZTDaj4GQKNGxUVMdQP3qL7ttx5LTXuQKLYHruUfo94AT_ov3F0GSy2txHoO4CfXtZB8igHnkuth1LXvl50IUGMa-MliRm-v7Bhq3C0dKVIZSENuhJoaBVnSHtc0aSVM2r2c4reBUfAs06y4PGj5Kzmno5MnMiO&lptoken=15b48506429364fb9011&4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 57b3d91e794ac779-AMS
GET H/1.1	200 OK	aff_r Show response trck.easytrck123.com/ Redirect Chain http://www.oteuforum.com/click https://trck.easytrck123.com/aff_c?offer_id=4419&aff_id=8545&url_id=18468&aff_sub=e7d741a7-d679-46b5-82e0-fb8353334c97&aff_sub2=ddk4juplo1fj1ruth8h1ql1u&aff_sub3=e7d741a7-d679-46b5-82e0-fb8353334c97 https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545...	382 B 720 B	41ms 40ms	Document text/html	52.211.36.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.36.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-36-178.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash `fc2e7781a61b5438f31d19dc485b18c26313b9f859c59323fd8a085e17780f3a` Request headers Host trck.easytrck123.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6IUGbkYzMu9l73fiBzYThpEZqwSsDaYNyyW_X1cA349kAPnTAdg0ScJiDfIT0eC3P45onGp4WtUOJ7yHLNWhp5JpcZTDaj4GQKNGxUVMdQP3qL7ttx5LTXuQKLYHruUfo94AT_ov3F0GSy2txHoO4CfXtZB8igHnkuth1LXvl50IUGMa-MliRm-v7Bhq3C0dKVIZSENuhJoaBVnSHtc0aSVM2r2c4reBUfAs06y4PGj5Kzmno5MnMiO&lptoken=15b48506429364fb9011&4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie aff_ran_url_4419=18468; enc_aff_session_4419=ENC0366dcac967212c359b4c11ff4e414d12c9391cd7fdd6128c9f8421c46b1e9172d74689654cb6012eae44f08858c6824692da698edcc0ca08c7987a4c4ecf638ba84e3fa0e8537115c9e4defd91c607fb1e65ce825efba0e0eca09daae616c0109f230b00f76911b92d1a8ccd0ed0e8cfb1ce9c78ecd2261209396936b58c22dab52cab4e971e0590f1d8c420704f43aeb885c417684931856a68fb17cec1c625f0fb43585a5fadafddc25ba2d3c795f9e60da9fe8591ac3aab84bc0569f7c50d2e9187937488df782a3d6d55a64a846fa8cf8a46bdaec149abf31eebd884263ecc2a5d208f84086f52015e09d057eb077009cdab05f22600aa92457ae00599354557a4fe6c7f172bdd281818059ea5b18492765da1b831985344189412d008295ab711586624b5f4b9a8ba3e674c3e20bb38c32c9f06edd36ace37d10765726888188befb6e21b6122b6f275c03ac68b8aaf90eef584ee9893b2a93f1322ff1116fc6678103d9c7607134b63dfa7a21645feeb79e0ebf1e61c1345e5decc4fd6d5e0c7edede5ac3d91728824d03edd03dcc5db85effc7b3d073fd1e336946fa90ae001d14a7e4932daa92546a34c2abdcd9d5c38e1f0d844051b4a3a6ad3be7e6471509822e57a532fd17b661d60e88c97000f80720bd305790f02df5e1a94a54e8da0fadbfec288f0f651f09d6aa837c2a99c46714887ecfceb548f54d0ee5fc60a5da92548210c5df21a56fc207d71b2f458bc36d2430e68efc2dff93206887050c6b5529d4822d5bead378dfa5c1c2c02abd8fa0b1fb842a09e988697f044ed66d1f06d2b75e03d297217e36a8c4eaf30659543ec0ed89d207488cc26bc88a77012d5f29af56811c50c85da4866d087a3b0b721cad720516f0e9f63cab375c2f568210; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ== Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://www1.avantgardereviewzz.xyz/link/af/index.html?cep=TOxoJInLqv3Ag_rn7LmvV6GwAtxT8wnQ3E0Aqg3TQL7rtXliAnVjXzMK6gTvztD0aCSFX2Ys9qaMIxK5ws8Y9fImdJGIX_dhiXMli0ye8MczD91Zj6IXbQPJ0b3Uyynq7iJDDRyri6IUGbkYzMu9l73fiBzYThpEZqwSsDaYNyyW_X1cA349kAPnTAdg0ScJiDfIT0eC3P45onGp4WtUOJ7yHLNWhp5JpcZTDaj4GQKNGxUVMdQP3qL7ttx5LTXuQKLYHruUfo94AT_ov3F0GSy2txHoO4CfXtZB8igHnkuth1LXvl50IUGMa-MliRm-v7Bhq3C0dKVIZSENuhJoaBVnSHtc0aSVM2r2c4reBUfAs06y4PGj5Kzmno5MnMiO&lptoken=15b48506429364fb9011&4=&3=&5=&6=&7=&8=472125&2=&1=893709597&s1=472125&s0=893709597# Response headers Server nginx/1.16.1 Date Sat, 28 Mar 2020 19:44:51 GMT Content-Type text/html Content-Length 382 Connection keep-alive Expires Sat, 26 Jul 1997 05:00:00 GMT Pragma no-cache Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Origin * X-Request-Id 368a2021f8431044f058826780ed0d8a Redirect headers Server nginx/1.16.1 Date Sat, 28 Mar 2020 19:44:51 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 492 Connection keep-alive Expires Sat, 26 Jul 1997 05:00:00 GMT Pragma no-cache Cache-Control no-cache, no-store, must-revalidate X-Robots-Tag noindex, nofollow tracking_id 102ea3c19dcd58807eeee2763509f5 Location /aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367 Set-Cookie aff_ran_url_4419=18468; expires=Sun, 29 Mar 2020 19:44:51 GMT; path=/; SameSite=None; Secure enc_aff_session_4419=ENC0366dcac967212c359b4c11ff4e414d12c9391cd7fdd6128c9f8421c46b1e9172d74689654cb6012eae44f08858c6824692da698edcc0ca08c7987a4c4ecf638ba84e3fa0e8537115c9e4defd91c607fb1e65ce825efba0e0eca09daae616c0109f230b00f76911b92d1a8ccd0ed0e8cfb1ce9c78ecd2261209396936b58c22dab52cab4e971e0590f1d8c420704f43aeb885c417684931856a68fb17cec1c625f0fb43585a5fadafddc25ba2d3c795f9e60da9fe8591ac3aab84bc0569f7c50d2e9187937488df782a3d6d55a64a846fa8cf8a46bdaec149abf31eebd884263ecc2a5d208f84086f52015e09d057eb077009cdab05f22600aa92457ae00599354557a4fe6c7f172bdd281818059ea5b18492765da1b831985344189412d008295ab711586624b5f4b9a8ba3e674c3e20bb38c32c9f06edd36ace37d10765726888188befb6e21b6122b6f275c03ac68b8aaf90eef584ee9893b2a93f1322ff1116fc6678103d9c7607134b63dfa7a21645feeb79e0ebf1e61c1345e5decc4fd6d5e0c7edede5ac3d91728824d03edd03dcc5db85effc7b3d073fd1e336946fa90ae001d14a7e4932daa92546a34c2abdcd9d5c38e1f0d844051b4a3a6ad3be7e6471509822e57a532fd17b661d60e88c97000f80720bd305790f02df5e1a94a54e8da0fadbfec288f0f651f09d6aa837c2a99c46714887ecfceb548f54d0ee5fc60a5da92548210c5df21a56fc207d71b2f458bc36d2430e68efc2dff93206887050c6b5529d4822d5bead378dfa5c1c2c02abd8fa0b1fb842a09e988697f044ed66d1f06d2b75e03d297217e36a8c4eaf30659543ec0ed89d207488cc26bc88a77012d5f29af56811c50c85da4866d087a3b0b721cad720516f0e9f63cab375c2f568210; expires=Tue, 28 Apr 2020 19:44:51 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Tue, 21 Feb 2023 06:24:51 GMT; path=/; SameSite=None; Secure P3P CP="NOI CUR OUR NOR INT" Access-Control-Allow-Origin * X-Request-Id 7866b47a8b23f84e2359eafd46a41fce
GET H2	200	Primary Request wingame.pl Show response www.powerensemble.com/cgi-bin/ Redirect Chain https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&redirect_pass=1&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081... https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5	43 KB 12 KB	812ms 614ms	Document text/html	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `1b66d313d0bbda51865c515d6e3e6a898a4516fa5b475abdaa9c13c8b1e24610` Request headers :method GET :authority www.powerensemble.com :scheme https :path /cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://trck.easytrck123.com/aff_r?offer_id=4419&aff_id=8545&url=https%3A%2F%2Fwww.powerensemble.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D305%26wingame_pk%3D65%26freetest_pk%3D1081%26sub_id%3D8545-e7d741a7-d679-46b5-82e0-fb8353334c97%26sub_id_postback%3D102ea3c19dcd58807eeee2763509f5&urlauth=561611903183663399063019647367 Response headers status 200 server nginx date Sat, 28 Mar 2020 19:44:52 GMT content-type text/html;charset=ISO-8859-1 x-firstpage 1 x-page pregame x-map-context be x-served-by d-03 content-encoding gzip Redirect headers Server nginx/1.16.1 Date Sat, 28 Mar 2020 19:44:51 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 390 Connection keep-alive Expires Sat, 26 Jul 1997 05:00:00 GMT Pragma no-cache Cache-Control no-cache, no-store, must-revalidate Location https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Access-Control-Allow-Origin * X-Request-Id 73de3d376c2d87ba20eacafe4cac476d
GET H2	200	tl_report.min.js Show response www.powerensemble.com/_global/js/	2 KB 979 B	31ms 30ms	Script application/javascript	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/js/tl_report.min.js?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `cdfe7552855628d13e7f81da440db56b6d2ac2a80dc3426a91a082a382cba81d` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Fri, 20 Mar 2020 13:30:06 GMT server nginx x-map-context be etag W/"5e74c55e-617" x-served-by d-04 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	switch_language_layer.css www.powerensemble.com/wingame/global/css/	3 KB 1 KB	27ms 26ms	Stylesheet text/css	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/wingame/global/css/switch_language_layer.css?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `d40ce64c2ba48c1eeb3abb28ace2795c26a11c4c11ea711aca706bfea2930ef7` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Thu, 25 Oct 2018 08:57:57 GMT server nginx x-map-context be etag W/"5bd18595-aab" x-served-by d-04 vary Accept-Encoding content-type text/css status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	default.css www.powerensemble.com/_global/css/	4 KB 2 KB	23ms 22ms	Stylesheet text/css	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/css/default.css?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Mon, 18 Feb 2019 07:52:24 GMT server nginx x-map-context be etag W/"5c6a6438-10e7" x-served-by d-03 vary Accept-Encoding content-type text/css status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	font-awesome.min.css www.powerensemble.com/_global/fonts/font-awesome-4.6.3/css/	28 KB 7 KB	26ms 24ms	Stylesheet text/css	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Thu, 18 Aug 2016 09:52:51 GMT server nginx x-map-context be etag W/"57b58573-71c7" x-served-by d-03 vary Accept-Encoding content-type text/css status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	series.css www.powerensemble.com/_global/wingame/54/css/	25 KB 5 KB	46ms 44ms	Stylesheet text/css	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/wingame/54/css/series.css?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `35760ab55cdfeca80927bb58481105f762de07e439bbbfd2c7986bca834dbe65` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Wed, 31 Oct 2018 10:14:15 GMT server nginx x-map-context be etag W/"5bd98077-65ff" x-served-by d-01 vary Accept-Encoding content-type text/css status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	sweepstake.css www.powerensemble.com/wingame/65/css/	5 KB 1 KB	52ms 51ms	Stylesheet text/css	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/wingame/65/css/sweepstake.css?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `936b5ed371cf284f5c275057a0ab45f983256765af7e6ada0ee6a5d7e8332196` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Mon, 09 Mar 2020 09:41:02 GMT server nginx x-map-context be etag W/"5e660f2e-12ac" x-served-by d-03 vary Accept-Encoding content-type text/css status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	theme.css www.powerensemble.com/_global/wingame/54/themes/black_000000/css/	12 KB 2 KB	43ms 41ms	Stylesheet text/css	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/wingame/54/themes/black_000000/css/theme.css?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `7db0ce077052a8b2f109cfe5cd6fe9f461ac918d768378ce93d81f8f43cc0d32` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Fri, 18 Aug 2017 14:48:22 GMT server nginx x-map-context be etag W/"5996fe36-3092" x-served-by d-03 vary Accept-Encoding content-type text/css status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	MooTools-Core-1.6.0-compressed.js Show response www.powerensemble.com/_global/js/framework/	88 KB 28 KB	34ms 33ms	Script application/javascript	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Fri, 10 Nov 2017 11:48:17 GMT server nginx x-map-context be etag W/"5a059201-15e64" x-served-by d-01 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	scripts.js Show response www.powerensemble.com/_global/js/	61 KB 15 KB	48ms 47ms	Script application/javascript	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/js/scripts.js?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `e71f8596d2836f570c87883f26d7b284b4c1644280cf76fa42919a915a69394d` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Wed, 18 Mar 2020 11:43:30 GMT server nginx x-map-context be etag W/"5e720962-f2c7" x-served-by d-03 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	global.js Show response www.powerensemble.com/wingame/global/js/	3 KB 1 KB	54ms 53ms	Script application/javascript	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/wingame/global/js/global.js?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `0eacf1acc388defc553edf087f3b6dba7dce25fde1e20e6ad879078e25e44c8c` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Thu, 25 Oct 2018 08:57:57 GMT server nginx x-map-context be etag W/"5bd18595-bc3" x-served-by d-02 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	series.js Show response www.powerensemble.com/_global/wingame/54/js/	13 KB 4 KB	260ms 259ms	Script application/javascript	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_global/wingame/54/js/series.js?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `389f3e798590fe593c5b2a73c1c00fa5ecd869bf8d1ab1193b797a08b8cb30dd` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Thu, 26 Mar 2020 10:47:15 GMT server nginx x-map-context be etag W/"5e7c8833-34a1" x-served-by d-02 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	sweepstake.js Show response www.powerensemble.com/wingame/65/js/	3 KB 1 KB	262ms 261ms	Script application/javascript	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/wingame/65/js/sweepstake.js?2008794624562392 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `5fabed8151bc8afa6e1a083a187a6f76629eb248a1decd4a148ee6997715dd25` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip last-modified Thu, 25 Apr 2019 07:27:47 GMT server nginx x-map-context be etag W/"5cc16173-b76" x-served-by d-01 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	close_icon.svg www.powerensemble.com/wingame/global/images/	841 B 1 KB	264ms 263ms	Image image/svg+xml	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/wingame/global/images/close_icon.svg Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Tue, 30 Jul 2019 08:32:57 GMT server nginx x-map-context be etag "5d4000b9-349" x-served-by d-02 content-type image/svg+xml status 200 cache-control max-age=86400 accept-ranges bytes content-length 841 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	sign.png www.powerensemble.com/wingame/65/images/	8 KB 8 KB	266ms 266ms	Image image/png	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/wingame/65/images/sign.png Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `ede794c1537f556be6e8338c9532b27b9912ae23fdcabe98e2f22151fa584792` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Mon, 25 Jan 2016 18:34:03 GMT server nginx x-map-context be etag "56a66a9b-2075" x-served-by d-01 content-type image/png status 200 cache-control max-age=86400 accept-ranges bytes content-length 8309 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	image_1081_8_1568205246_cp_image_239_8_1568192741.png www.powerensemble.com/files/web/freetest/_images/	41 KB 41 KB	23ms 22ms	Image image/png	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/files/web/freetest/_images/image_1081_8_1568205246_cp_image_239_8_1568192741.png Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `090c32645d7a0d896b8b498006761bc2a27044b0f5fa80e9c95c6b5e9a336e88` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Wed, 11 Sep 2019 12:34:06 GMT server nginx x-map-context be etag "5d78e9be-a372" x-served-by d-01 content-type image/png status 200 cache-control max-age=86400 accept-ranges bytes content-length 41842 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	close.png www.powerensemble.com/_global/wingame/default/bba/images/	1 KB 1 KB	30ms 28ms	Image image/png	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/_global/wingame/default/bba/images/close.png Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Tue, 06 Dec 2016 13:05:32 GMT server nginx x-map-context be etag "5846b79c-4dd" x-served-by d-04 content-type image/png status 200 cache-control max-age=86400 accept-ranges bytes content-length 1245 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	20159413288_bba-logo.png www.powerensemble.com/_global/wingame/default/bba/images/	4 KB 4 KB	35ms 33ms	Image image/png	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/_global/wingame/default/bba/images/20159413288_bba-logo.png Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Tue, 08 Dec 2015 14:28:55 GMT server nginx x-map-context be etag "5666e927-e71" x-served-by d-02 content-type image/png status 200 cache-control max-age=86400 accept-ranges bytes content-length 3697 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	bg-iphone11.jpg www.powerensemble.com/_static/_global/_supload/images/	36 KB 36 KB	25ms 22ms	Image image/jpeg	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/_static/_global/_supload/images/bg-iphone11.jpg Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `5309c4e1ef7d917dad9a00f12635d913798831142c63c4e8aebd11ffcf39614c` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Wed, 11 Sep 2019 09:07:17 GMT server nginx etag "1010483269" content-type image/jpeg status 200 cache-control max-age=86400 accept-ranges bytes content-length 36829 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	img-iphonexs-logo.jpg www.powerensemble.com/_static/_global/_supload/images/	3 KB 3 KB	44ms 43ms	Image image/jpeg	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Show image Full URL https://www.powerensemble.com/_static/_global/_supload/images/img-iphonexs-logo.jpg Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `44f73a2456e09097b4606284ae631c0292e20448733946eb1290d3d107a8af4c` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sat, 28 Mar 2020 19:44:52 GMT last-modified Fri, 31 Aug 2018 13:28:30 GMT server nginx etag "3502563197" content-type image/jpeg status 200 cache-control max-age=86400 accept-ranges bytes content-length 3030 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	Poppins-Regular.woff2 www.powerensemble.com/_static/_global/_supload/fonts/	48 KB 48 KB	51ms 49ms	Font application/octet-stream	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_static/_global/_supload/fonts/Poppins-Regular.woff2 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `bedc39ba6f7f98efeb0b5a5c5a195b1f3421829ffcaf83174a1c7e86f5002a61` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Origin https://www.powerensemble.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 19:44:52 GMT server nginx content-type application/octet-stream status 200 cache-control max-age=86400 accept-ranges bytes content-length 49444 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	Poppins-SemiBold.woff2 www.powerensemble.com/_static/_global/_supload/fonts/	48 KB 48 KB	38ms 37ms	Font application/octet-stream	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_static/_global/_supload/fonts/Poppins-SemiBold.woff2 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `6603613bef7d3b2ecbebf589ba781a91065804ecfec937a82dd51f38a575a9d5` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Origin https://www.powerensemble.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 19:44:52 GMT server nginx content-type application/octet-stream status 200 cache-control max-age=86400 accept-ranges bytes content-length 48892 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	Poppins-ExtraBold.woff2 www.powerensemble.com/_static/_global/_supload/fonts/	48 KB 48 KB	50ms 48ms	Font application/octet-stream	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_static/_global/_supload/fonts/Poppins-ExtraBold.woff2 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `5909867e8899379f262ddedfeabb1d40c238a7e0e83ee6c7aa6da73698f75411` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Origin https://www.powerensemble.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 19:44:52 GMT server nginx content-type application/octet-stream status 200 cache-control max-age=86400 accept-ranges bytes content-length 49368 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	Poppins-Medium.woff2 www.powerensemble.com/_static/_global/_supload/fonts/	48 KB 48 KB	50ms 48ms	Font application/octet-stream	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_static/_global/_supload/fonts/Poppins-Medium.woff2 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `12fa0a6a6208f606a390c370c4c0c2a26aa1f6b3f3d1fc6de759e523188e8a20` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Origin https://www.powerensemble.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 19:44:52 GMT server nginx content-type application/octet-stream status 200 cache-control max-age=86400 accept-ranges bytes content-length 49340 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	Poppins-Bold.woff2 www.powerensemble.com/_static/_global/_supload/fonts/	48 KB 48 KB	36ms 36ms	Font application/octet-stream	185.3.185.190 CLARANET-AS Clara...
General Check archive.org Show headers Download Go to Full URL https://www.powerensemble.com/_static/_global/_supload/fonts/Poppins-Bold.woff2 Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB), Reverse DNS Software nginx / Resource Hash `ecb7adbcdd74acc91408e512b2f28849b844bced8df055f5bc16bb1fde6eb53b` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Origin https://www.powerensemble.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 19:44:52 GMT server nginx content-type application/octet-stream status 200 cache-control max-age=86400 accept-ranges bytes content-length 49128 expires Sun, 29 Mar 2020 19:44:52 GMT
GET H2	200	init.js Show response eu.winnernotification.com/pushweb/assets/	2 KB 1 KB	66ms 17ms	Script application/javascript	2606:4700:10::6816:78f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eu.winnernotification.com/pushweb/assets/init.js Requested by Host: www.powerensemble.com URL: https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:78f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9f9a57e6dd172a7d86e2f4266b6fb13e37ad8ecd24929e44878841ffe6075275` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip cf-cache-status UPDATING age 13 p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" status 200 via 1.1 google server cloudflare etag W/"6da-6ZyT8MzEbRf4voJWHnHtcY2augc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 57b3d92989e796da-FRA access-control-allow-headers Content-Type, Authorization, Accengage-Time, Accengage-Signature
GET H2	200	t_main.js Show response eu.winnernotification.com/pushweb/assets/	118 KB 34 KB	52ms 52ms	Script application/javascript	2606:4700:10::6816:78f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eu.winnernotification.com/pushweb/assets/t_main.js? Requested by Host: eu.winnernotification.com URL: https://eu.winnernotification.com/pushweb/assets/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:78f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c182b4a1c76f7158aa6abc9ecb165c9387da18965f5a3ea0a3f8ff465bbee83` Request headers Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 28 Mar 2020 19:44:52 GMT content-encoding gzip cf-cache-status EXPIRED p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" status 200 via 1.1 google server cloudflare etag W/"1d91d-gCqVb1etdMP3qbZGjF/fuH+9eyA" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 57b3d929ba0f96da-FRA access-control-allow-headers Content-Type, Authorization, Accengage-Time, Accengage-Signature
GET H2	200	m_main.html eu.winnernotification.com/pushweb/assets/ Frame 9A60	0 0	59ms 59ms	Document text/html	2606:4700:10::6816:78f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eu.winnernotification.com/pushweb/assets/m_main.html? Requested by Host: eu.winnernotification.com URL: https://eu.winnernotification.com/pushweb/assets/t_main.js? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:78f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority eu.winnernotification.com :scheme https :path /pushweb/assets/m_main.html? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.powerensemble.com/cgi-bin/wingame.pl?partner_pk=305&wingame_pk=65&freetest_pk=1081&sub_id=8545-e7d741a7-d679-46b5-82e0-fb8353334c97&sub_id_postback=102ea3c19dcd58807eeee2763509f5 Response headers status 200 date Sat, 28 Mar 2020 19:44:52 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d494f8e78be77880002e147a044a21c6a1585424692; expires=Mon, 27-Apr-20 19:44:52 GMT; path=/; domain=.winnernotification.com; HttpOnly; SameSite=Lax p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" access-control-allow-origin * access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-headers Content-Type, Authorization, Accengage-Time, Accengage-Signature cache-control no-cache vary Accept-Encoding via 1.1 google cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 57b3d92a7aa696da-FRA content-encoding gzip

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
eu.winnernotification.com
hicklopo-in.com
laudypauty.com
qalkawell.com
trck.easytrck123.com
v060.jinkiettan.com
www.oteuforum.com
www.powerensemble.com
www.wbtutorials.com
www1.avantgardereviewzz.xyz
104.17.214.35
104.18.27.185
107.167.88.28
107.172.7.100
185.3.185.190
2606:4700:10::6816:78f
2606:4700::6812:4795
49.12.44.41
52.211.36.178
67.199.248.11
78.142.29.109
090c32645d7a0d896b8b498006761bc2a27044b0f5fa80e9c95c6b5e9a336e88
0eacf1acc388defc553edf087f3b6dba7dce25fde1e20e6ad879078e25e44c8c
0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35
12fa0a6a6208f606a390c370c4c0c2a26aa1f6b3f3d1fc6de759e523188e8a20
1b66d313d0bbda51865c515d6e3e6a898a4516fa5b475abdaa9c13c8b1e24610
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
35760ab55cdfeca80927bb58481105f762de07e439bbbfd2c7986bca834dbe65
389f3e798590fe593c5b2a73c1c00fa5ecd869bf8d1ab1193b797a08b8cb30dd
3a3f87103627dbf8b26b2cc86470a21f29884256be4d2ea6d931b8ad8c40d03f
44f73a2456e09097b4606284ae631c0292e20448733946eb1290d3d107a8af4c
4c182b4a1c76f7158aa6abc9ecb165c9387da18965f5a3ea0a3f8ff465bbee83
4ed51528a5446ef1b6b15e216f2099efc733b32b559edf7827c01c947083b38e
5309c4e1ef7d917dad9a00f12635d913798831142c63c4e8aebd11ffcf39614c
5909867e8899379f262ddedfeabb1d40c238a7e0e83ee6c7aa6da73698f75411
5fabed8151bc8afa6e1a083a187a6f76629eb248a1decd4a148ee6997715dd25
6603613bef7d3b2ecbebf589ba781a91065804ecfec937a82dd51f38a575a9d5
6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d
79592ea1b5ea83ad5656fe54d392f6c9ded1510dc81a0fe42dce75cbf8e8dcc2
7db0ce077052a8b2f109cfe5cd6fe9f461ac918d768378ce93d81f8f43cc0d32
936b5ed371cf284f5c275057a0ab45f983256765af7e6ada0ee6a5d7e8332196
9f9a57e6dd172a7d86e2f4266b6fb13e37ad8ecd24929e44878841ffe6075275
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
bedc39ba6f7f98efeb0b5a5c5a195b1f3421829ffcaf83174a1c7e86f5002a61
cdfe7552855628d13e7f81da440db56b6d2ac2a80dc3426a91a082a382cba81d
d40ce64c2ba48c1eeb3abb28ace2795c26a11c4c11ea711aca706bfea2930ef7
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
e71f8596d2836f570c87883f26d7b284b4c1644280cf76fa42919a915a69394d
ecb7adbcdd74acc91408e512b2f28849b844bced8df055f5bc16bb1fde6eb53b
ede794c1537f556be6e8338c9532b27b9912ae23fdcabe98e2f22151fa584792
efa3187fac85d3337d9522fe8f31e0ae06f654c1c76c194341d6b99c4a14b37b
fc2e7781a61b5438f31d19dc485b18c26313b9f859c59323fd8a085e17780f3a

www.powerensemble.com Open in urlscan Pro 185.3.185.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

33 Requests

94 %HTTPS

18 %IPv6

11 Domains

11 Subdomains

7 IPs

4 Countries

457 kBTransfer

751 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.powerensemble.com Open in urlscan Pro
185.3.185.190 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

18 %
IPv6

11
Domains

11
Subdomains

7
IPs

4
Countries

457 kB
Transfer

751 kB
Size

0
Cookies

33 HTTP transactions
0 data transactions