urlscan.io logo urlscan.io
SecurityTrails logo

allianz-market.site Open in urlscan Pro
2606:4700:3032::6815:57d3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gazeta24.wroclaw.pl/
Effective URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Submission: On May 18 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3032::6815:57d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is allianz-market.site.
This is the only time allianz-market.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.244.36.172 62068 (SPECTRAIP...)
1 1 52.59.165.42 16509 (AMAZON-02)
1 1 52.18.219.189 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
16 20.38.109.68 8075 (MICROSOFT...)
1 52.239.243.68 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f04... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f14... 32934 (FACEBOOK)
35 12
1    185.244.36.172 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: sp2.f7-networks.com
gazeta24.wroclaw.pl
1    52.59.165.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-165-42.eu-central-1.compute.amazonaws.com
i0f.short.gy
1    52.18.219.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ssl-clients.com
1    2606:4700:3032::6815:57d3 (United States)

ASN13335 (CLOUDFLARENET, US)
allianz-market.site
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    20.38.109.68 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
twisterassetsfilestorage.blob.core.windows.net
1    52.239.243.68 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
twisterfilestorage.blob.core.windows.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
16 twisterassetsfilestorage.blob.core.windows.net allianz-market.site
twisterassetsfilestorage.blob.core.windows.net
4 www.facebook.com allianz-market.site
3 connect.facebook.net allianz-market.site
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com twisterassetsfilestorage.blob.core.windows.net
2 www.googletagmanager.com allianz-market.site
1 www.google.de allianz-market.site
1 www.google.com allianz-market.site
1 stats.g.doubleclick.net www.google-analytics.com
1 twisterfilestorage.blob.core.windows.net allianz-market.site
1 allianz-market.site
1 ssl-clients.com 1 redirects
1 i0f.short.gy 1 redirects
1 gazeta24.wroclaw.pl 1 redirects
35 14

This site contains links to these domains. Also see Links.

Domain
fb.me
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-03-06 -
2022-03-06		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Frame ID: 623CE906D6BC71FDA393E2CEDE6B4DA7
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://gazeta24.wroclaw.pl/ HTTP 302
    https://i0f.short.gy/EOBbYz HTTP 302
    https://ssl-clients.com/?a=40202&c=52&s1= HTTP 302
    http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

35
Requests

97 %
HTTPS

67 %
IPv6

13
Domains

14
Subdomains

12
IPs

5
Countries

9440 kB
Transfer

10022 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gazeta24.wroclaw.pl/ HTTP 302
    https://i0f.short.gy/EOBbYz HTTP 302
    https://ssl-clients.com/?a=40202&c=52&s1= HTTP 302
    http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
allianz-market.site/flying-dollars_st_am_pl_oa/
Redirect Chain
  • http://gazeta24.wroclaw.pl/
  • https://i0f.short.gy/EOBbYz
  • https://ssl-clients.com/?a=40202&c=52&s1=
  • http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:57d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1f8be20b9bdf910928a5cd144c74221962099ed0dd6e3975d5727441174bb4

Request headers

Host
allianz-market.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 15:05:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6IkVoZFo3a3FvQ09kR1F1RGQ3WG1nSXc9PSIsInZhbHVlIjoiSHlXc1ptb3E1Q0NsSGM2RVwvMGMzdDRXblJGZ3diVmFMelFsRXZ2dlFreitETzN2Z0thb1hybmFUMnErMFlDZWsiLCJtYWMiOiI0NDM4YWU3ZTFkNzVkZWM4YzYwMGExODc3YTlkNmViOGVlZWM1YmQ5OWExZDVjOTQ2ZWZlY2UwZDU2MWYxMGU1In0%3D; expires=Tue, 18-May-2021 17:05:21 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjI4WTdEekhQcjlIcTVNa2lTYVNOTGc9PSIsInZhbHVlIjoiS3l3ajlXNkVYcHJKdlwvSEVNa1h6blg3MGZHMnNoZHRmc29NSzIxakgxQ21ZTEI0Zmh5dkx6MDRDWkpcL0MxRnVjIiwibWFjIjoiNDNjMmY5Yzk2MDNhOGMzOThjMGM0YzlhMWNmMzgyZDc5YWZiNjFkOWEwMzhmOWFjODAxYTVjNDMyODEyZjU4MCJ9; expires=Tue, 18-May-2021 17:05:21 GMT; Max-Age=7200; path=/; httponly
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
CF-Cache-Status
DYNAMIC
cf-request-id
0a219ba5080000dfe7f5a6c000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n556duTMAk0YgoWZFbm0z%2FERe01ZvQHVanTPIo4jam%2BlMabPn%2FxaGVqUjJPM%2FvBQZ7fuNtIXo%2B4cjlayb4ld%2FdJ%2FJM039j5F71C%2Fbu43NT1EebhSA5chdnmh3F0jJzij"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6515fbb4dcb5dfe7-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control
private
Content-Length
234
Content-Type
text/html; charset=utf-8
Date
Tue, 18 May 2021 15:05:21 GMT
Location
http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=BFNaLvMYyRW+TZjGggpNdntxMedgaTfmBHbiSyT8z1rTAdzXdF2jwA==; domain=.ssl-clients.com; path=/; SameSite=None; secure; HttpOnly trk=Wr6YidYE2Ym+TZjGggpNdntxMedgaTfmBHbiSyT8z1rTAdzXdF2jwA==; domain=.ssl-clients.com; expires=Mon, 18-May-2026 16:05:14 GMT; path=/; SameSite=None; secure; HttpOnly c44=E/DMqdsSLw176NR/2cyey/xIDfsxsMTILMoV/bd7ogY=; domain=.ssl-clients.com; expires=Thu, 17-Jun-2021 15:05:14 GMT; path=/; SameSite=None; secure; HttpOnly
Connection
close
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-169336388-3
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c1c077c7c6b8a2383867e810f967b1d682d2e8f9782efc9a299c30921bcba0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 15:05:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35684
x-xss-protection
0
expires
Tue, 18 May 2021 15:05:21 GMT
style.min.css
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/style.min.css?8
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7c6403a9b29780cc582165d97ecebb8c624b238e8b08dcf3ad419a8863a5f773

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OMhTLFrqj4WvfS6agAaj6A==
ETag
0x8D91083FC6D2BC4
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
b69f306c-e01e-0018-70f7-4b7a48000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
36208
form.css
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/form.css
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c4c4fd1f6ca964acc45dbb22a2e44f35c32e167de3ecad9d51622cca37208cb8

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
K9qP8qbBbLbWtle2drsyyg==
ETag
0x8D91083FC61425F
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
ec397b96-901e-004f-0bf7-4bd47b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
3024
logo.svg
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/logo.svg
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fa3a3a44ebc882b1cc58b41ee357a96280a62a1a33e16b4761c557e9b33e411f

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2jH+w7HFNab1e40ROpVa/w==
ETag
0x8D91083FCE5D0D2
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
b69f308b-e01e-0018-09f7-4b7a48000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
4668
trustpilot.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/trustpilot.png?2
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e2d046514b45db6b22815faab1e8ada103538869e08101b9d2fde325fb280af

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VQwRnZOQMxVv5oRScl1AAw==
ETag
0x8D91083FD39A802
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
ec397bc7-901e-004f-34f7-4bd47b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
3255
bitcoin-planet.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/bitcoin-planet.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c3dd59fe9adb39f5908767ab9057fa2ef8c628070fe15a61fda1be0a9244b5ca

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Xl6BHf6Xpk9Ctoreur/AWw==
ETag
0x8D91083FC801B94
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
63ef1132-801e-0031-54f7-4b443c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
69673
register.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/register.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3752ba7239ffaeb955f88e0800047bae5cf2e8fd4eb9dcfe88c9c6716b9d16e5

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OCGuqfITGeDV4ix5mU0AwQ==
ETag
0x8D91083FD2950D0
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
ec397bb1-901e-004f-21f7-4bd47b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1169
practice.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/practice.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eb90f170e0fa9d29b5ca72271bf1d6e8c91561eb6db5983bace3365e096379dd

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
g90KklonrpOsUvMfOvGCvg==
ETag
0x8D91083FD1464D4
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
4c20d4fd-801e-000e-43f7-4b8c9f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1434
deposit.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/deposit.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6c51d7892c236d33728f5083a965689f2f2777f118f02949a073a3084611443c

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
LtbK8nocRis5ct1geexsyQ==
ETag
0x8D91083FCB3445F
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
48c77d3d-101e-0023-05f7-4b3fec000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1629
visa.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/visa.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ff284466fe7c7edd601cc0a8fcad86fc600bbc61ba024563659c763bc35b97cc

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
NPLnztZELLQbskckm1bb5w==
ETag
0x8D91083FD56FA38
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
7bd14677-d01e-005e-15f7-4b4ecf000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1091
mastercard.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/mastercard.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa9d1120e3eb1d4dbd44af82d0da67d5c2ca4eace6e4c7f37780597b7c9da914

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kWXIgkbGpOlqGYQDks8tDA==
ETag
0x8D91083FD04F833
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
63ef10ef-801e-0031-1ff7-4b443c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1270
bitcoin.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/bitcoin.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd168219e3bb761ce189779cd63d50ac8dbc6347787e0ac0b4e367148e506b8f

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
oKJdK6UslnRGkqVAoZ6egA==
ETag
0x8D91083FC885AAD
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
63ef110c-801e-0031-38f7-4b443c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
2756
ethereum.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ethereum.png
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee115bed8ef19c61389c96d2e43a590b6a238cd2b9b4372c3f49186b7cc03daa

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
/3tu2FiNR5wI4D3eE2Qnig==
ETag
0x8D91083FCBBAA99
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
7bd1462f-d01e-005e-54f7-4b4ecf000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
2208
facebook.svg
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		561 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/facebook.svg?1
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962034e7c4f9a46861ebb5fc93880a427e3d5455c673e544beb69b080767f668

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9Y4suKfeX6+Mu7+ZaMNong==
ETag
0x8D91083FCCD88BB
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
48c77d79-101e-0023-39f7-4b3fec000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
561
scriptFormAm.min.js
twisterfilestorage.blob.core.windows.net/twister/ 		216 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twisterfilestorage.blob.core.windows.net/twister/scriptFormAm.min.js
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.243.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c90b8a797e3a204382e0afa4200e407d968891945f85c75d159fc59dd02e9265

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Sun, 14 Feb 2021 20:39:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XCmnU7ioanna/E8w5eTaDg==
ETag
"0x8D8D12899C70A93"
Content-Type
application/javascript
x-ms-request-id
0cc3728d-201e-0026-3ef7-4b46ce000000
x-ms-version
2014-02-14
Content-Disposition
Accept-Ranges
bytes
Content-Length
221250
x-ms-lease-state
available
script.min.js
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/js/script.min.js?3
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
742e78bf47b72c38b459daa8a048ce00ffc3583927073ea3e1aa999798d8960c

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fm5ar7xaWW1wydUyW65rjQ==
ETag
0x8D91083FD9E2481
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
4c20d549-801e-000e-03f7-4b8c9f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1057
gtm.js
www.googletagmanager.com/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N585R82
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a86a066efb602c670b51b554989edc3e5358a0687a607045023bce1c906b446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 15:05:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34763
x-xss-protection
0
expires
Tue, 18 May 2021 15:05:21 GMT
videohive.mp4
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/video/ 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/video/videohive.mp4
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
http://allianz-market.site/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nAopL4zPRSFIYElIXohjcQ==
ETag
0x8D91083FDB4E5A9
Content-Type
video/mp4
Access-Control-Allow-Origin
*
x-ms-request-id
48c77da0-101e-0023-5df7-4b3fec000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
7629122
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169336388-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5725
date
Tue, 18 May 2021 13:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 18 May 2021 15:29:56 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=819674783&t=pageview&_s=1&dl=http%3A%2F%2Fallianz-market.site%2Fflying-dollars_st_am_pl_oa%2F%3Fsub_id%3D292537%26offer_id%3D44%26plt%3Dck%26AffiliateId%3D40202&ul=en-us&de=UTF-8&dt=AllianzMarket%20KRYPTOWALUTAMI%20Z%20D%C5%B9WIGNI%C4%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=980734012&gjid=836556919&cid=1677178044.1621350322&tid=UA-169336388-3&_gid=479573062.1621350322&_r=1&gtm=2ou5c1&z=1057368921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 May 2021 15:05:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://allianz-market.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=819674783&t=pageview&_s=1&dl=http%3A%2F%2Fallianz-market.site%2Fflying-dollars_st_am_pl_oa%2F%3Fsub_id%3D292537%26offer_id%3D44%26plt%3Dck%26AffiliateId%3D40202&ul=en-us&de=UTF-8&dt=AllianzMarket%20KRYPTOWALUTAMI%20Z%20D%C5%B9WIGNI%C4%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1344034873&gjid=1709984333&cid=1677178044.1621350322&tid=UA-123640866-1&_gid=479573062.1621350322&_r=1&gtm=2wg5c1N585R82&z=1073502056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 May 2021 15:05:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://allianz-market.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
NjSyUVc1cMEiOKsA6IW70S0i3ZooGZmTMxPZ7Raio9nSQbY9DB8nM/RrEnxsDw92vPSE/ijyPSmtf84A9Olo2w==
x-fb-trip-id
1709462857
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 18 May 2021 15:05:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-123640866-1&cid=1677178044.1621350322&jid=1344034873&gjid=1709984333&_gid=479573062.1621350322&_u=aEDAAUABAAAAAC~&z=256869493
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 18 May 2021 15:05:21 GMT
content-type
text/plain
access-control-allow-origin
http://allianz-market.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
2329990890587462
connect.facebook.net/signals/config/ 		255 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2329990890587462?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dc99a774066625aadf26d47ce6137f4b14cfa9cef187ab3b99d18b99eca0ca6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
pkGN+ELVcxmaAb00G+OLoqlsOoHuki4Noyo9ixX7jFA+sVsxzL5j2sFWjSEbT09ko2utHUd1B9oaNYnQoOfJ9g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 18 May 2021 15:05:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-123640866-1&cid=1677178044.1621350322&jid=1344034873&_u=aEDAAUABAAAAAC~&z=1245257025
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 15:05:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-123640866-1&cid=1677178044.1621350322&jid=1344034873&_u=aEDAAUABAAAAAC~&z=1245257025
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 15:05:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
fonts.gstatic.com/s/opensans/v17/ 		28 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
Requested by
Host: twisterassetsfilestorage.blob.core.windows.net
URL: https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/style.min.css?8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://allianz-market.site
Referer
https://twisterassetsfilestorage.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 21:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581379
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19068
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:30:56 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 May 2022 21:35:43 GMT
innovative.png
twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/img/innovative.png
Requested by
Host: twisterassetsfilestorage.blob.core.windows.net
URL: https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/style.min.css?8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.109.68 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1c4551cd4d2e8f7c0500f24c646de36f723c5fa8400c3a54f91fc17487abc7a7

Request headers

Referer
https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/style.min.css?8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 18 May 2021 15:05:21 GMT
Last-Modified
Thu, 06 May 2021 11:42:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ADByAifhEjA4Ocgp3VRh9g==
ETag
0x8D91083FCDA5CB2
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
7bd146bb-d01e-005e-52f7-4b4ecf000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
1368958
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v17/ 		26 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0e.ttf
Requested by
Host: twisterassetsfilestorage.blob.core.windows.net
URL: https://twisterassetsfilestorage.blob.core.windows.net/assets/l8DZhlsTijWO/css/style.min.css?8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://allianz-market.site
Referer
https://twisterassetsfilestorage.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 05:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467580
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 May 2022 05:12:22 GMT
481866572658102
connect.facebook.net/signals/config/ 		255 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481866572658102?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
542c89c5a9c88b83d3b75cffea99522232011545488454550d1a69e0a57d1905
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
gAQShOc1Xksehke2fzvZUSGFONWObt/slX3WQCrp8Bw3laVmiRS8Z6I0CpNVqNHwF98HLrlOAg+ZfuA2nNW9eQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 18 May 2021 15:05:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2329990890587462&ev=PageView&dl=http%3A%2F%2Fallianz-market.site%2Fflying-dollars_st_am_pl_oa%2F%3Fsub_id%3D292537%26offer_id%3D44%26plt%3Dck%26AffiliateId%3D40202&rl=&if=false&ts=1621350322181&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1621350322179.1612374025&it=1621350321839&coo=false&exp=l0&rqm=GET
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 15:05:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 18 May 2021 15:05:22 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481866572658102&ev=PageView&dl=http%3A%2F%2Fallianz-market.site%2Fflying-dollars_st_am_pl_oa%2F%3Fsub_id%3D292537%26offer_id%3D44%26plt%3Dck%26AffiliateId%3D40202&rl=&if=false&ts=1621350322672&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1621350322179.1612374025&it=1621350321839&coo=false&exp=l0&rqm=GET
Requested by
Host: allianz-market.site
URL: http://allianz-market.site/flying-dollars_st_am_pl_oa/?sub_id=292537&offer_id=44&plt=ck&AffiliateId=40202
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 15:05:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 May 2021 15:05:22 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2329990890587462&ev=Microdata&dl=http%3A%2F%2Fallianz-market.site%2Fflying-dollars_st_am_pl_oa%2F%3Fsub_id%3D292537%26offer_id%3D44%26plt%3Dck%26AffiliateId%3D40202&rl=&if=false&ts=1621350323707&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AllianzMarket%20KRYPTOWALUTAMI%20Z%20D%C5%B9WIGNI%C4%84%22%2C%22meta%3Adescription%22%3A%22Do%C5%82%C4%85cz%20si%C4%99%20do%20sp%C3%B3%C5%82ki%20sukcesywnych%20inwestor%C3%B3w%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1621350323705.490519698&it=1621350321839&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 15:05:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 18 May 2021 15:05:23 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481866572658102&ev=Microdata&dl=http%3A%2F%2Fallianz-market.site%2Fflying-dollars_st_am_pl_oa%2F%3Fsub_id%3D292537%26offer_id%3D44%26plt%3Dck%26AffiliateId%3D40202&rl=&if=false&ts=1621350324174&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AllianzMarket%20KRYPTOWALUTAMI%20Z%20D%C5%B9WIGNI%C4%84%22%2C%22meta%3Adescription%22%3A%22Do%C5%82%C4%85cz%20si%C4%99%20do%20sp%C3%B3%C5%82ki%20sukcesywnych%20inwestor%C3%B3w%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1621350323705.490519698&it=1621350321839&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://allianz-market.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 15:05:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 May 2021 15:05:24 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq string| srcUtils string| loginLink object| translations function| _typeof object| _countries_ function| popup function| popupSuccess function| settingRegisterForm function| $ function| jQuery object| intlTelInputGlobals function| intlTelInput

7 Cookies

Domain/Path Name / Value
.allianz-market.site/ Name: _gat_UA-123640866-1
Value: 1
.allianz-market.site/ Name: _fbp
Value: fb.1.1621350322179.1612374025
.allianz-market.site/ Name: _gat_gtag_UA_169336388_3
Value: 1
.allianz-market.site/ Name: _gid
Value: GA1.2.479573062.1621350322
.allianz-market.site/ Name: _ga
Value: GA1.2.1677178044.1621350322
allianz-market.site/ Name: laravel_session
Value: eyJpdiI6IjI4WTdEekhQcjlIcTVNa2lTYVNOTGc9PSIsInZhbHVlIjoiS3l3ajlXNkVYcHJKdlwvSEVNa1h6blg3MGZHMnNoZHRmc29NSzIxakgxQ21ZTEI0Zmh5dkx6MDRDWkpcL0MxRnVjIiwibWFjIjoiNDNjMmY5Yzk2MDNhOGMzOThjMGM0YzlhMWNmMzgyZDc5YWZiNjFkOWEwMzhmOWFjODAxYTVjNDMyODEyZjU4MCJ9
allianz-market.site/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVoZFo3a3FvQ09kR1F1RGQ3WG1nSXc9PSIsInZhbHVlIjoiSHlXc1ptb3E1Q0NsSGM2RVwvMGMzdDRXblJGZ3diVmFMelFsRXZ2dlFreitETzN2Z0thb1hybmFUMnErMFlDZWsiLCJtYWMiOiI0NDM4YWU3ZTFkNzVkZWM4YzYwMGExODc3YTlkNmViOGVlZWM1YmQ5OWExZDVjOTQ2ZWZlY2UwZDU2MWYxMGU1In0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allianz-market.site
connect.facebook.net
fonts.gstatic.com
gazeta24.wroclaw.pl
i0f.short.gy
ssl-clients.com
stats.g.doubleclick.net
twisterassetsfilestorage.blob.core.windows.net
twisterfilestorage.blob.core.windows.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
185.244.36.172
20.38.109.68
2606:4700:3032::6815:57d3
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9a
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
52.18.219.189
52.239.243.68
52.59.165.42
0e2d046514b45db6b22815faab1e8ada103538869e08101b9d2fde325fb280af
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c1f8be20b9bdf910928a5cd144c74221962099ed0dd6e3975d5727441174bb4
1c4551cd4d2e8f7c0500f24c646de36f723c5fa8400c3a54f91fc17487abc7a7
2a86a066efb602c670b51b554989edc3e5358a0687a607045023bce1c906b446
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3752ba7239ffaeb955f88e0800047bae5cf2e8fd4eb9dcfe88c9c6716b9d16e5
542c89c5a9c88b83d3b75cffea99522232011545488454550d1a69e0a57d1905
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
5c1c077c7c6b8a2383867e810f967b1d682d2e8f9782efc9a299c30921bcba0a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c51d7892c236d33728f5083a965689f2f2777f118f02949a073a3084611443c
742e78bf47b72c38b459daa8a048ce00ffc3583927073ea3e1aa999798d8960c
7c6403a9b29780cc582165d97ecebb8c624b238e8b08dcf3ad419a8863a5f773
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dc99a774066625aadf26d47ce6137f4b14cfa9cef187ab3b99d18b99eca0ca6
962034e7c4f9a46861ebb5fc93880a427e3d5455c673e544beb69b080767f668
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
aa9d1120e3eb1d4dbd44af82d0da67d5c2ca4eace6e4c7f37780597b7c9da914
bd168219e3bb761ce189779cd63d50ac8dbc6347787e0ac0b4e367148e506b8f
c3dd59fe9adb39f5908767ab9057fa2ef8c628070fe15a61fda1be0a9244b5ca
c4c4fd1f6ca964acc45dbb22a2e44f35c32e167de3ecad9d51622cca37208cb8
c90b8a797e3a204382e0afa4200e407d968891945f85c75d159fc59dd02e9265
d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
eb90f170e0fa9d29b5ca72271bf1d6e8c91561eb6db5983bace3365e096379dd
ee115bed8ef19c61389c96d2e43a590b6a238cd2b9b4372c3f49186b7cc03daa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa3a3a44ebc882b1cc58b41ee357a96280a62a1a33e16b4761c557e9b33e411f
ff284466fe7c7edd601cc0a8fcad86fc600bbc61ba024563659c763bc35b97cc