scamcharge.com Open in urlscan Pro
34.247.123.251 Public Scan

URL:
http://scamcharge.com/
Submission: On August 22 via api (August 22nd 2020, 3:05:24 pm UTC) from US

Summary HTTP 159 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 21 domains to perform 159 HTTP transactions. The main IP is 34.247.123.251, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is scamcharge.com.

This is the only time scamcharge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	34.247.123.251 34.247.123.251	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:c400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1 15	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
5	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
3	13.226.145.204 13.226.145.204	16509 (AMAZON-02) (AMAZON-02)
2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.95.118.60 52.95.118.60	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2600:9000:218... 2600:9000:2182:9c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
159	26

50 34.247.123.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com

scamcharge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:c400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.207.66 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.95.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.145.204 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cf99c4db37b076ddc3e1e7a7acd8cf46.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.118.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:9c00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.53.17 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	scamcharge.com scamcharge.com	370 KB
25	googlesyndication.com pagead2.googlesyndication.com cf99c4db37b076ddc3e1e7a7acd8cf46.safeframe.googlesyndication.com tpc.googlesyndication.com	262 KB
20	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	192 KB
15	ampproject.org cdn.ampproject.org	322 KB
7	ezoic.net go.ezoic.net g.ezoic.net	5 KB
7	google.com 2 redirects adservice.google.com www.google.com	2 KB
6	gstatic.com fonts.gstatic.com	65 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
5	google-analytics.com 1 redirects www.google-analytics.com	35 KB
4	quantserve.com 2 redirects edge.quantserve.com pixel.quantserve.com	9 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com sb.scorecardresearch.com	2 KB
2	quantcount.com 1 redirects rules.quantcount.com	776 B
2	criteo.net static.criteo.net	43 KB
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	lijit.com ap.lijit.com	721 B
1	indexww.com js-sec.indexww.com
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	829 B
1	adnxs.com ib.adnxs.com	709 B
1	criteo.com bidder.criteo.com	143 B
159	21

	Domain	Requested by
50	scamcharge.com	scamcharge.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net scamcharge.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	1 redirects scamcharge.com securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	scamcharge.com pagead2.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	2 redirects scamcharge.com
5	fonts.googleapis.com	securepubads.g.doubleclick.net
5	g.ezoic.net	scamcharge.com
5	www.google-analytics.com	1 redirects scamcharge.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com scamcharge.com
3	c.amazon-adsystem.com	scamcharge.com c.amazon-adsystem.com
2	pixel.quantserve.com	1 redirects
2	sb.scorecardresearch.com	1 redirects
2	rules.quantcount.com	1 redirects
2	edge.quantserve.com	1 redirects
2	static.criteo.net	scamcharge.com static.criteo.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	as-sec.casalemedia.com	scamcharge.com
2	ap.lijit.com	scamcharge.com
2	go.ezoic.net	scamcharge.com
2	adservice.google.com	scamcharge.com pagead2.googlesyndication.com
1	b.scorecardresearch.com	go.ezoic.net
1	js-sec.indexww.com	scamcharge.com
1	cf99c4db37b076ddc3e1e7a7acd8cf46.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	scamcharge.com
1	ib.adnxs.com	scamcharge.com
1	bidder.criteo.com	scamcharge.com
159	30

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.ezoic.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.ezoic.net Amazon	`2020-03-15` - `2021-04-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://scamcharge.com/
Frame ID: 3A4DA2EA30E1EF97C114B4EDB6BEDAAD
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200818/r20190131/zrt_lookup.html
Frame ID: FE6B77F21730F707D74DF98345D17AEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1598108706&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fscamcharge.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1598108706344&bpp=17&bdt=283&idt=134&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1127705494095&frm=20&pv=2&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=1&ga_wpids=UA-97838217-27&iag=0&icsg=52776554713002&dssz=71&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21066358%2C21066944%2C44725623&oid=3&pvsid=3050714760669560&pem=515&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=150
Frame ID: A7C5CA21EFEB0DFA5993E4F5DEACB0B6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv&dcc=t
Frame ID: F3AF297DD660D07E07D0C9059E41C266
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032008180007000/amp4ads-v0.js
Frame ID: AC4512E59852DA0BB0B32C69B3D84548
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js
Frame ID: A71D72D5EC8364AE5947119BE9537A46
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: FE0B66E6756913CDED5E37C1B1A473DC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 36F044E874741D4A32903942A6FECD95
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=8711458
Frame ID: 6F3D5AD872F68E5733D4446B1796F4D2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022008102328000/amp4ads-v0.js
Frame ID: D578C1C853559B98E41160EC55B611DE
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

159
Requests

58 %
HTTPS

58 %
IPv6

21
Domains

30
Subdomains

26
IPs

7
Countries

1371 kB
Transfer

3643 kB
Size

32
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 17

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 19

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 37

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=675848310&utmhn=scamcharge.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706388&utmac=UA-97838217-27&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=254163650&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=675848310&utmhn=scamcharge.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706388&utmac=UA-97838217-27&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=254163650&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~

Request Chain 38

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=959406890&utmhn=scamcharge.com&utme=8(template*domain)9(pub_site*scamcharge.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706391&utmac=UA-38339005-1&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1739088001&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=959406890&utmhn=scamcharge.com&utme=8(template*domain)9(pub_site*scamcharge.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706391&utmac=UA-38339005-1&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1739088001&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~

Request Chain 39

http://www.google-analytics.com/r/collect?v=1&_v=j83&a=473790616&t=pageview&_s=1&dl=http%3A%2F%2Fscamcharge.com%2F&ul=en-us&de=UTF-8&dt=Scam%20Charge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=43346855.2128074557.1598108706.1598108706.1598108706.1&_utmz=43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1598108706401&_u=IQBCAEAB~&jid=260927410&gjid=1498108529&cid=2128074557.1598108706&tid=UA-70691666-1&_gid=1649483071.1598108706&_r=1&z=1901398557 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=473790616&t=pageview&_s=1&dl=http%3A%2F%2Fscamcharge.com%2F&ul=en-us&de=UTF-8&dt=Scam%20Charge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=43346855.2128074557.1598108706.1598108706.1598108706.1&_utmz=43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1598108706401&_u=IQBCAEAB~&jid=260927410&gjid=1498108529&cid=2128074557.1598108706&tid=UA-70691666-1&_gid=1649483071.1598108706&_r=1&z=1901398557 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70691666-1&cid=2128074557.1598108706&jid=260927410&_gid=1649483071.1598108706&gjid=1498108529&_v=j83&z=1901398557

Request Chain 59

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv&dcc=t

Request Chain 80

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 102

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 152

http://edge.quantserve.com/quant.js HTTP 301
https://edge.quantserve.com/quant.js

Request Chain 154

http://rules.quantcount.com/rules-p-31iz6hfFutd16.js HTTP 301
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js

Request Chain 155

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1598108712599&ns_c=UTF-8&cv=3.5&c8=Scam%20Charge&c7=http%3A%2F%2Fscamcharge.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1598108712599&ns_c=UTF-8&cv=3.5&c8=Scam%20Charge&c7=http%3A%2F%2Fscamcharge.com%2F&c9=&cs_ak_ss=1

Request Chain 156

http://pixel.quantserve.com/pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=scamcharge.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598108712641;tzo=-120;ogl= HTTP 301
https://pixel.quantserve.com/pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=scamcharge.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598108712641;tzo=-120;ogl=

159 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
scamcharge.com/ 66 KB
19 KB 1274ms
1240ms Document
text/html 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 / PHP/5.5.9-1ubuntu4.22
Resource Hash: c664122c2d9b82a6cc8600a5c40ee5f67a258b1ce0091276e833ccd91e990341

Request headers

Host: scamcharge.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 22 Aug 2020 15:05:06 GMT
Display: pub_site_sol
Expires: Fri, 21 Aug 2020 15:05:06 GMT
Pagespeed: off
Response: 200
Server: nginx/1.16.0
Set-Cookie: ezoadgid_47152=-1; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 15:35:04 UTC ezoref_47152=; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 17:05:04 UTC ezoab_47152=mod1; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 17:05:04 UTC active_template::47152=pub_site.1598108704; Path=/; Domain=scamcharge.com; Expires=Mon, 24 Aug 2020 15:05:04 UTC ezopvc_47152=1; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 15:35:06 UTC ezepvv=0; Path=/; Domain=scamcharge.com; Expires=Sun, 23 Aug 2020 15:05:06 UTC lp_47152=http://scamcharge.com/; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 17:05:06 UTC ezovid_47152=976118652; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 15:35:06 UTC ezovuuidtime_47152=1598108706; Path=/; Domain=scamcharge.com; Expires=Mon, 24 Aug 2020 15:05:06 UTC ezovuuid_47152=50b12a42-ff56-494b-5244-6ab71f3db7a9; Path=/; Domain=scamcharge.com; Expires=Sat, 22 Aug 2020 15:35:06 UTC ezCMPCCS=true; Path=/; Domain=scamcharge.com; Expires=Sun, 22 Aug 2021 15:05:06 GMT
Vary: Accept-Encoding Accept-Encoding
X-Middleton-Display: pub_site_sol
X-Middleton-Response: 200
X-Powered-By: PHP/5.5.9-1ubuntu4.22
X-Sol: pub_site
Transfer-Encoding: chunked

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 34ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=scamcharge.com

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK dall3202c.js Show response
scamcharge.com/porpoiseant/ 328 KB
104 KB 82ms
61ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: ee3df06d8d78abdd33ee36b24b07344fbd5edf66f1129f1d313c83aef4c7805b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Aug 2020 00:10:44 GMT
Server: nginx/1.16.0
Etag: "520a1-5ad6c2f49e37d;5acee20245840-gzip"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK boise.js Show response
scamcharge.com/detroitchicago/ 983 B
1 KB 33ms
33ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/boise.js?gcb=191-2&cb=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Middleton-Display: sol-js
Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=31536000, public
Server: nginx/1.16.0
Content-Length: 983
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK main.css
scamcharge.com/css/ 125 KB
21 KB 122ms
118ms Stylesheet
text/css 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/css/main.css
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: bf33cc61b80766252df5ad16b9c69ada37567a53eacc2b5473c805eec31224ef

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Response: 200
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, orig_site_sol
Vary: Accept-Encoding, Accept-Encoding,Origin
Content-Type: text/css
X-Middleton-Display: staticcontent_sol, orig_site_sol
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Middleton-Response: 200
X-Sol: orig
Expires: Sat, 29 Aug 2020 15:28:04 GMT

GET
H/1.1 200
OK cookieconsent.min.js Show response
scamcharge.com/ezoic/ 4 KB
2 KB 41ms
34ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/ezoic/cookieconsent.min.js
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Etag: "11a4-5acee20245840-gzip"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 1922
Expires: Sun, 22 Aug 2021 15:05:06 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 124 KB
44 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

339cd03f5cdb19955deb7ec86ace8fed50429569ab1b7c36b226ed256b1632ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 17681133921363288523
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 44510
X-XSS-Protection: 0
Expires: Sat, 22 Aug 2020 15:05:06 GMT

GET
H/1.1 200
OK logo.png
scamcharge.com/img/ 5 KB
5 KB 943ms
939ms Image
image/png 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/img/logo.png
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e5a09086006e589664ab19aa38b428dcba39b05a59a00e12a4f28a9b376e3b0e

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Content-Encoding: gzip
Response: 200
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "56855fbd-13c6-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/png
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Middleton-Response: 200
Expires: Mon, 21 Sep 2020 15:28:05 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 43ms
6ms Image
image/png 2600:9000:20eb:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 19 Aug 2020 00:09:50 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
x-sol: middleton
age: 312916
x-cache: Hit from cloudfront
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
content-length: 1181
x-amz-cf-id: RqM_FO3ONvLJjvIVEgmflyg4sHS7fv0g4B6vReEt8yrKB2OwaX42yw==
last-modified: Sat, 15 Aug 2020 17:47:05 GMT
server: nginx/1.16.0
etag: "49d-5ac9ecc7b5bc0-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
display: staticcontent_sol, staticcontent_sol
expires: Wed, 26 Aug 2020 00:09:50 GMT

GET
H/1.1 200
OK houston.js Show response
scamcharge.com/detroitchicago/ 2 KB
1 KB 39ms
34ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/houston.js?gcb=2&cb=2
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e5e4c5b74b4cdb4c6badcb2f87ccebac15343ff348c3cac7345fbfcb54f9016b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public
Content-Length: 928

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

54 KB
19 KB

76ms
29ms

Script
text/javascript

216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

b29b85290e9919313012c013e9b0ccc4b1255e827eb79dbd5ba5c719190c14b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "609 / 62 of 1000 / last-modified: 1598051301"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18610
x-xss-protection: 0
expires: Sat, 22 Aug 2020 15:05:06 GMT

Redirect headers

Date: Sat, 22 Aug 2020 15:00:14 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 292
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Sat, 22 Aug 2020 15:30:14 GMT

GET
H/1.1 200
OK austin.js Show response
scamcharge.com/detroitchicago/ 1 KB
2 KB 53ms
50ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/austin.js?gcb=2&cb=2
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 6cd9802d6aa7930cd0b7c11f74e506e83174e4601dcdf39406c7552032db5aad

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Middleton-Display: sol-js
Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=31536000, public
Server: nginx/1.16.0
Content-Length: 1307
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK banger.js Show response
scamcharge.com/porpoiseant/ 49 KB
11 KB 47ms
43ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/porpoiseant/banger.js?cb=191-2&bv=83&v=35&PageSpeed=off
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5bc767e0136291b0abb947693317a7198e415abca8e94fa3e80fcb968805b9c2

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Server: nginx/1.16.0
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK memphis.js Show response
scamcharge.com/detroitchicago/ 5 KB
2 KB 70ms
55ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/memphis.js?gcb=191-2&cb=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1ca10f8a06498f5c3104fbf34cf163e62be492b1a214470ec765215b20a166aa

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public
Content-Length: 1526

GET
H/1.1 200
OK minneapolis.js Show response
scamcharge.com/detroitchicago/ 845 B
1 KB 68ms
55ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/minneapolis.js?gcb=191-2&cb=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Middleton-Display: sol-js
Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=31536000, public
Server: nginx/1.16.0
Content-Length: 845
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK raleigh.js Show response
scamcharge.com/detroitchicago/ 2 KB
1 KB 34ms
34ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/raleigh.js?gcb=191-2&cb=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0fadd83464640fea2e28bf01fdd092956772ff393ab5399a496d1caec4170cb4

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public
Content-Length: 787

GET
H/1.1 200
OK tampa.js Show response
scamcharge.com/detroitchicago/ 754 B
1007 B 35ms
35ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/tampa.js?gcb=191-2&cb=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Middleton-Display: sol-js
Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=31536000, public
Server: nginx/1.16.0
Content-Length: 754
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK rochester.js Show response
scamcharge.com/detroitchicago/ 2 KB
1 KB 35ms
35ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/rochester.js?cb=191-2&v=9
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: max-age=31536000, public
Content-Length: 832

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 7070
date: Sat, 22 Aug 2020 13:07:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 22 Aug 2020 15:07:16 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ezosuigeneris.js Show response
g.ezoic.net/ 555 B
897 B 49ms
35ms Script
text/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://g.ezoic.net/ezosuigeneris.js
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 9966622db8014a14d04280f587a00bebe22ecb04bdc0191042079d8d202f9649

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Etag: ea29e20e40deeee1808d5243d79b55f7
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=999999, private
Content-Length: 555
Expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6566
date: Sat, 22 Aug 2020 13:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 22 Aug 2020 15:15:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK background.png
scamcharge.com/img/ 159 KB
160 KB 143ms
122ms Image
image/png 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/img/background.png
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/css/main.css
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: ba35f7b142be718049cd5ac882e146196c10a18fac769f188892fa5a49c33f20

Request headers

Referer: http://scamcharge.com/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Response: 200
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "56855fbd-27cc5-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/png
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Middleton-Response: 200
Expires: Mon, 21 Sep 2020 15:28:05 GMT

GET
H/1.1 200
OK user_small.png
scamcharge.com/img/ 346 B
816 B 1071ms
1061ms Image
image/png 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/img/user_small.png
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/css/main.css
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0d1b4f5a639b92082efa4d4594d7dfecd5e1a4e1f0c3ba9db057da7b95045eef

Request headers

Referer: http://scamcharge.com/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Response: 200
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "56855fbd-15a-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/png
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Cache-Control: max-age=2592000
X-Middleton-Response: 200
Content-Length: 346
Expires: Mon, 21 Sep 2020 15:28:06 GMT

GET
H/1.1 200
OK reported_small.png
scamcharge.com/img/ 488 B
958 B 71ms
68ms Image
image/png 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/img/reported_small.png
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/css/main.css
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 20ff07016229ae6b852b19a17102013ae18f5355aa776b7b8fcb258cbacddaa6

Request headers

Referer: http://scamcharge.com/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Response: 200
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "56855fbd-1e8-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/png
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Cache-Control: max-age=2592000
X-Middleton-Response: 200
Content-Length: 488
Expires: Mon, 21 Sep 2020 15:28:05 GMT

GET
H/1.1 200
OK l.svg
scamcharge.com/utilcave_com/ 965 B
1 KB 41ms
40ms Image
image/svg+xml 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/utilcave_com/l.svg
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "3c5-5ac9ecc7b5bc0-gzip-gzip"
Vary: Accept-Encoding, Accept-Encoding,Origin
Content-Type: image/svg+xml
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Cache-Control: max-age=604800
X-Sol: middleton
Content-Length: 965
Expires: Sat, 29 Aug 2020 15:05:06 GMT

GET
H/1.1 200
OK anchorfix.js Show response
scamcharge.com/ezoic/ 879 B
1 KB 36ms
35ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/ezoic/anchorfix.js?cb=191-2
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=31536000
Expires: Sun, 22 Aug 2021 15:05:06 GMT
Server: nginx/1.16.0
Content-Length: 879
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK jellyfish.webp Show response
scamcharge.com/porpoiseant/ 58 KB
12 KB 72ms
71ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/porpoiseant/jellyfish.webp?a=a&cb=191-2&shcb=34
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Server: nginx/1.16.0
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 89 KB
33 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc097a143b892674cddf1bfd0501dc56dad0eb5edaf5ded1010c2663c9f5e4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13397985932276359337
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 32756
X-XSS-Protection: 0
Expires: Sat, 22 Aug 2020 15:05:06 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 104 KB
27 KB 47ms
33ms Script
application/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/detroitchicago/austin.js?gcb=2&cb=2
Protocol: HTTP/1.1
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:02:57 GMT
Content-Encoding: gzip
Connection: keep-alive
Server: Server
Age: 129
ETag: 455f576a29240d2cfe83996aefcdb576
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
Cache-Control: public, max-age=900
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9fdrVPHS5b7ZEopxVDlwaZK2dL9ersep4aPENkP09FZS7JBKHTLOPA==

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 46 B
721 B 80ms
42ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.20.0
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5635594e9321b7b9299e35844b2f9fdb21ef29e31616bc6ad76ff33d7f92cd32

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://scamcharge.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 64

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
986 B 255ms
206ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=305136&v=7.2&r=%7B%22id%22%3A%226d28fb2802b137%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22700e88a91baaf4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228a4ab16ed988f9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229596e21fa5bdf1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221054ec1d5252a96%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305147%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fscamcharge.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.com%22%2C%22sid%22%3A%2227f48d0bd8a6e0e902ec52684168edb8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ceb27021e5c3609504b0f674dca3ddfa6ce9c66ef7555ef26db489fad0eb8fa3

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: http://scamcharge.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Sat, 22 Aug 2020 15:05:06 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
750 B 99ms
48ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=305136&v=8.1&r=%7B%22id%22%3A%226d28fb2802b137%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22700e88a91baaf4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A4%7D%7D%2C%7B%22id%22%3A%229596e21fa5bdf1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22336x280%22%7D%2C%22video%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22placement%22%3A4%7D%7D%2C%7B%22id%22%3A%221054ec1d5252a96%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305147%22%2C%22sid%22%3A%22300x250%22%7D%2C%22video%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fscamcharge.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.com%22%2C%22sid%22%3A%2227f48d0bd8a6e0e902ec52684168edb8%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ceb27021e5c3609504b0f674dca3ddfa6ce9c66ef7555ef26db489fad0eb8fa3

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: http://scamcharge.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Sat, 22 Aug 2020 15:05:06 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
143 B 62ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.20.0&cb=31092465199
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 22 Aug 2020 15:05:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://scamcharge.com
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 64ms
28ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Aug 2020 15:05:06 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: 73377900-4fc6-41ea-ad16-3b7b12e1ae42
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://scamcharge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ezosuigenerisc.js Show response
g.ezoic.net/ 0
220 B 41ms
40ms Script
text/html 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=300, private
Server: nginx/1.16.0
Content-Length: 0
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/ 225 KB
85 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f157eaeebd80fe5f89ac54d13bd68bdc12e8f68cfbc6bae75270adf4a1510ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86376
x-xss-protection: 0
server: cafe
etag: 15392258999777139878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Aug 2020 15:05:06 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200818/r20190131/ Frame FE6B 0
0 25ms
6ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200818/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200818/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://scamcharge.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://scamcharge.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 18 Aug 2020 22:06:18 GMT
expires: Tue, 01 Sep 2020 22:06:18 GMT
content-type: text/html; charset=UTF-8
etag: 1003971328536524430
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 320328
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK nmash.js
scamcharge.com/porpoiseant/ 22 KB
6 KB 46ms
35ms Other
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/porpoiseant/nmash.js?v=83
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 23c35871bd433283c634753bf3cc4db2d86aabe41b910b8fae020c6f35698756

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Etag: "564c-5acee20245840;5acee20245840-gzip"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/2+Q/46

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=675848310&utmhn=scamcharge.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x120...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=675848310&utmhn=scamcharge.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x12...

35 B
102 B

13ms
13ms

Image
image/gif

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=675848310&utmhn=scamcharge.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706388&utmac=UA-97838217-27&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=254163650&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=675848310&utmhn=scamcharge.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706388&utmac=UA-97838217-27&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=254163650&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~
Non-Authoritative-Reason: HSTS

GET
H/2+Q/46

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=959406890&utmhn=scamcharge.com&utme=8(template*domain)9(pub_site*scamcharge.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utms...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=959406890&utmhn=scamcharge.com&utme=8(template*domain)9(pub_site*scamcharge.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utm...

35 B
56 B

15ms
14ms

Image
image/gif

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=959406890&utmhn=scamcharge.com&utme=8(template*domain)9(pub_site*scamcharge.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706391&utmac=UA-38339005-1&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1739088001&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=959406890&utmhn=scamcharge.com&utme=8(template*domain)9(pub_site*scamcharge.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Scam%20Charge&utmhid=473790616&utmr=-&utmp=%2F&utmht=1598108706391&utmac=UA-38339005-1&utmcc=__utma%3D43346855.2128074557.1598108706.1598108706.1598108706.1%3B%2B__utmz%3D43346855.1598108706.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1739088001&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j83&a=473790616&t=pageview&_s=1&dl=http%3A%2F%2Fscamcharge.com%2F&ul=en-us&de=UTF-8&dt=Scam%20Charge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=...
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=473790616&t=pageview&_s=1&dl=http%3A%2F%2Fscamcharge.com%2F&ul=en-us&de=UTF-8&dt=Scam%20Charge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70691666-1&cid=2128074557.1598108706&jid=260927410&_gid=1649483071.1598108706&gjid=1498108529&_v=j83&z=1901398557

35 B
133 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70691666-1&cid=2128074557.1598108706&jid=260927410&_gid=1649483071.1598108706&gjid=1498108529&_v=j83&z=1901398557

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 22 Aug 2020 15:05:06 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:06 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70691666-1&cid=2128074557.1598108706&jid=260927410&_gid=1649483071.1598108706&gjid=1498108529&_v=j83&z=1901398557
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK anaheim.js Show response
scamcharge.com/detroitchicago/ 665 B
918 B 44ms
43ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/anaheim.js?gcb=2&cb=1
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Middleton-Display: sol-js
Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: max-age=31536000, public
Server: nginx/1.16.0
Content-Length: 665
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK edmonton.webp Show response
scamcharge.com/detroitchicago/ 14 KB
5 KB 44ms
43ms Script
application/javascript 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/detroitchicago/edmonton.webp?a=a&cb=191-2&shcb=34
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Server: nginx/1.16.0
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 64ms
33ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJleHRfdXNlcl9oYXNoIiwidmFsIjoiTlQifV19XQ==
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:03 UTC

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 35ms
33ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6ImVhMjllMjBlNDBkZWVlZTE4MDhkNTI0M2Q3OWI1NWY3In1dfV0=
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:09 UTC

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 116 B
501 B 431ms
380ms XHR
text/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fscamcharge.com%2F&pid=KVT2rvhYGmYlp&cb=0&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fscamcharge_com-box-1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2Fscamcharge_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fscamcharge_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fscamcharge_com-large-leaderboard-1%22%7D%5D&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 591faf87176bd2d6effd08a861e2e2f27f7c300c16cad9005be3e03bab8f37f3

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://scamcharge.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 126
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-id: Fmq4iXxa3lb0AYSUlCgeFVHCKLGYe45J7M6A5kIiXa34nOCUpgUQig==

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 226ms
213ms XHR
application/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
X-Amz-Cf-Pop: DUS51-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 20 Aug 2020 07:51:21 GMT
Server: AmazonS3
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Id: oQdbW7aB8t0Odgq5FElnLsXi8zZRvd0zjb4hw982UMIopXdbUnGf0w==

GET
H/1.1 200
OK imp.gif
scamcharge.com/detroitchicago/ 43 B
328 B 38ms
38ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A6%2C%22ad_location_ids%22%3A%220%2C5%2C34%2C35%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Brussels%22%2C%22country%22%3A%22BE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A47152%2C%22domain_test_group%22%3A20200403%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22391%22%2C%22iab_category_1%22%3A%22405%22%2C%22iab_category_2%22%3A%22239%22%2C%22iab_category_3%22%3A%22271%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1104%2C1105%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2204a516a2-4a14-458c-70e4-80c2b4daac12%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221930%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A383%2C%22serverid%22%3A%2254.78.141.206%3A26921%22%2C%22state%22%3A%22BRU%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1104%2C1105%22%2C%22t_epoch%22%3A1598108704%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Fscamcharge.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A642%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Middleton-Display: imp_sol
Date: Sat, 22 Aug 2020 15:05:06 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Server: nginx/1.16.0
Content-Length: 43
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif

GET
H/2+Q/46 200 pubads_impl_2020081801.js Show response
securepubads.g.doubleclick.net/gpt/ 257 KB
91 KB 62ms
34ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

ec21aac4031dc5c23e1d40e2ed211253ba70f67dce54bf03850ad5dd7b9d4e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Aug 2020 08:44:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92464
x-xss-protection: 0
expires: Sat, 22 Aug 2020 15:05:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 36ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=scamcharge.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/2+Q/46 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
807 B 37ms
24ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=scamcharge.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/2+Q/46 200 ads
googleads.g.doubleclick.net/pagead/ Frame A7C5 0
0 92ms
78ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1598108706&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fscamcharge.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1598108706344&bpp=17&bdt=283&idt=134&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1127705494095&frm=20&pv=2&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=1&ga_wpids=UA-97838217-27&iag=0&icsg=52776554713002&dssz=71&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21066358%2C21066944%2C44725623&oid=3&pvsid=3050714760669560&pem=515&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1598108706&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fscamcharge.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1598108706344&bpp=17&bdt=283&idt=134&shv=r20200818&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1127705494095&frm=20&pv=2&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=1&ga_wpids=UA-97838217-27&iag=0&icsg=52776554713002&dssz=71&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530587%2C21066358%2C21066944%2C44725623&oid=3&pvsid=3050714760669560&pem=515&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://scamcharge.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://scamcharge.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 22 Aug 2020 15:05:06 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-Aug-2020 15:20:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 Aug 2020 15:05:06 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13ee75dc207f9a65442b766c6a68123d2f3b4db81d87c96604bd8dece2fcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Sat, 22 Aug 2020 15:05:06 GMT

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 35ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTA4LTIyIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:03 UTC

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 419ms
419ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=1809848516876494&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid9%3D878332%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1104%26sap%3D1104%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dscamcharge_com-box-1-878332%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D2%26bvr%3D1%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D80%26br2%3D38%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D33%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cookie_enabled=1&bc=23&abxe=1&lmt=1598108706&dt=1598108706612&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=410&adks=3927840977&ucis=1&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=72&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=360x269&msz=300x250&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

db7e3dbd119ad989062d580a95a29163e4d321d82f7fc881ecc4bfa183687357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10817
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cf99c4db37b076ddc3e1e7a7acd8cf46.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 73ms
39ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cf99c4db37b076ddc3e1e7a7acd8cf46.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 707ms
706ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=1809848516876494&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x250%7C320x100%7C200x200%7C234x60%7C320x50%7C250x250%7C120x240%7C180x150%7C125x125&fluid=height&prev_scp=iid10%3D905331%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Dscamcharge_com-large-billboard-2-905331%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D2%26bvr%3D1%26shp%3D3%26ft%3D1%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cookie_enabled=1&bc=23&abxe=1&lmt=1598108706&dt=1598108706622&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=1075&adks=1327534641&ucis=2&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0C9C11|color_text,,000000|color_url,,0C9C11&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=72&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=338x303&msz=338x282&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=4&ohw=338&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

abe55308043385eda5e50ad0d11db469124dd32bdb88029f65a5f4e7d1ce4216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11435
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 430 B
451 B 944ms
944ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=1809848516876494&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid9%3D882331%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dscamcharge_com-large-leaderboard-1-882331%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D3%26ft%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cookie_enabled=1&bc=23&abxe=1&lmt=1598108706&dt=1598108706626&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=1773&adks=3927301509&ucis=3&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=72&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=360x271&msz=302x252&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=4&ohw=302&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

b9979f4adb828dd69b616f81295ea69ce9cf33ff781d2e464a9c79732d6f0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 429 B
439 B 1463ms
1463ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=1809848516876494&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=iid9%3D878332%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dscamcharge_com-medrectangle-2-878332%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D1%26bvr%3D1%26shp%3D1%26ft%3D1%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D26%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082&cookie_enabled=1&bc=23&abxe=1&lmt=1598108706&dt=1598108706630&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1103&adks=3573784229&ucis=4&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=72&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

a6da2f11470552351351bb22e413565becbe2c6b8c4f7a0569ac4096d356dfbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame F3AF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv&dcc=t

0
0

197ms
197ms

Document
text/html

52.95.118.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://scamcharge.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A49784lBi0gFkmqhYMxjQc0|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://scamcharge.com/

Response headers

Server: Server
Date: Sat, 22 Aug 2020 15:05:07 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 190
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A49784lBi0gFkmqhYMxjQc0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 15:05:07 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 15:05:07 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sat, 22 Aug 2020 15:05:07 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_r1u_dm_cnv&dcc=t
Set-Cookie: ad-id=A49784lBi0gFkmqhYMxjQc0|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 15:05:07 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032008180007000/ Frame AC45 206 KB
56 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008180007000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00c542334b61f55fa96f74059d4170a06678f7a1f166d72522bb5a9b82bc33b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 323872
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57438
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 21:07:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1b1395bce1c16081"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 21:07:15 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032008180007000/v0/ Frame AC45 16 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008180007000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e540cc5dec2aea3e44dd335d2a4f6acd040f7de82289a5297beed25c0abf7913

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 323872
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5896
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 21:07:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "205a6feada5c464d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 21:07:15 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032008180007000/v0/ Frame AC45 96 KB
29 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008180007000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d41faf2069c1a240ef4ecd6535bee357952070677712d11a11175a99dc66e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 323872
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29364
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 21:07:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "46efc90c1a3bfc65"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 21:07:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032008180007000/v0/ Frame AC45 4 KB
2 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008180007000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d165aab5b4a3bc89edf04b8ea063da80cc91eef660847921c8db4e11fa82fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 323872
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1787
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 21:07:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "44fdd5a717edd61a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 21:07:15 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032008180007000/v0/ Frame AC45 47 KB
14 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032008180007000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e928fe792259e76b3818fcf35ae2dac996a300a91c0c212028b451f0104118f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 323872
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14763
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 21:07:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2ad3f0af150c700a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 21:07:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC45 6 KB
799 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Aug 2020 15:05:07 GMT
server: ESF
date: Sat, 22 Aug 2020 15:05:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Aug 2020 15:05:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC45 6 KB
845 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Aug 2020 15:05:07 GMT
server: ESF
date: Sat, 22 Aug 2020 15:05:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Aug 2020 15:05:07 GMT

GET
DATA 200
OK truncated
/ Frame AC45 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b662c1d3d8bc9504a831b8b6a79a1afda7880f7ca7c81c100b01fa79c1057dc0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC45 0
0 59ms
58ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq7qzIjRBX_ShKMOPrATnlqOoCpTKg59eovqw9O0LsJAfEAEg9PnGJWC56L6A1AGgAe6F8v8CyAEG4AIAqAMByAMKqgTVAU_Q-2aMchGGhy8lJm8EOmuwZ6ME-NB_whyxjqcygqTIXgLc5XjoSPQB1lhclIbEYRZ26SZUCwIaZvDy1E7Bp13T70F-c06kZlzRtPM9KiIIyMkbl48McSod3B6FIITsB9th3Y2vm5NnHyI4DEwVx_6pujXF_fwl9p0KQzAa96FmJSpz93Rhyji7jIDF-Yc1wX830HeFKrta5CCAazCNhBqjj8NssvVG2TZPHL7BuoHczU1yMluLhDARq6RdG84QWus4XulMUO5eo7kk7tobmOA3JY2fRcAEpM6Hip8D4AQBkgUECAQYAZIFBAgFGASgBjeAB_r5jYABqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOnDKtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzU0Mzg0NzY2ODg0ODI5M4AKA8gLAdgTDQ&sigh=xv2PY9LI-mU&template_id=492&tpd=AGWhJmuplh6t6qDWKdp1VFFBEWhi5PHgp4BdsYWBpGKG2stMEA
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame AC45 0
0 18ms
13ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQlmGaL5pgSQ7_1yX7j4ghSbIrnFDAZeQkxUfMDx2m4itplkwnqRAh9OPN3iLe2wROeCW_i-ZUK-S6xkJGxY7D9t8z4uw
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC45 2 KB
3 KB 28ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55862
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 22 Aug 2020 23:34:05 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC45 295 B
735 B 27ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 61906
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 22 Aug 2020 21:53:21 GMT

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 34ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiOTk1In1dfV0=
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H/1.1 200
OK 28687274 Show response
g.ezoic.net/dac/ 0
215 B 48ms
34ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://g.ezoic.net/dac/28687274
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/banger.js?cb=191-2&bv=83&v=35&PageSpeed=off
Protocol: HTTP/1.1
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 22 Aug 2020 15:05:07 GMT
Cache-Control: max-age=3600, public
Server: nginx/1.16.0
Content-Length: 0
Vary: Accept-Encoding
Content-Type: text/plain

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 35ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMTAwMyJ9XX1d
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 35ms
33ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg3ODMzMiIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTgxMDg3MDQsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJkZmE2MGNlZTZlMTA1M2ZjMGM5ZTYwN2M4MDQ3YmQyOCJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NzgzMzIiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDA4LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwOCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg3ODMzMiIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTgxMDg3MDQsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzU1MyJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NzgzMzIiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XX1d
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 34ms
33ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDgtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19XQ==
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:03 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 34ms
33ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYXVjdGlvbl9lcG9jaCI6MTU5ODEwODcwNywiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6ODAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjo4MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDI5LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XX1d
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AC45 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://scamcharge.com
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:04:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1238448
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sun, 08 Aug 2021 07:04:19 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ Frame AC45 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://scamcharge.com
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 03:20:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 906291
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Thu, 12 Aug 2021 03:20:16 GMT

GET
H/2+Q/46

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame AC45
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H/2+Q/46 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC45 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008180007000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55862
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 22 Aug 2020 23:34:05 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC45 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032008180007000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 61906
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 22 Aug 2020 21:53:21 GMT

GET
H/2+Q/46 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008102328000/ Frame A71D 206 KB
56 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9917
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57397
x-xss-protection: 0
server: sffe
date: Sat, 22 Aug 2020 12:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d730d226616e6acf"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Aug 2021 12:19:50 GMT

GET
H/2+Q/46 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012008102328000/v0/ Frame A71D 16 KB
6 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 179854
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
server: sffe
date: Thu, 20 Aug 2020 13:07:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ad1eb5461ef0024"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:07:33 GMT

GET
H/2+Q/46 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008102328000/v0/ Frame A71D 94 KB
28 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9929
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Sat, 22 Aug 2020 12:19:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Aug 2021 12:19:38 GMT

GET
H/2+Q/46 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012008102328000/v0/ Frame A71D 4 KB
3 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 179867
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Thu, 20 Aug 2020 13:07:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fce00afb81e6c42"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:07:20 GMT

GET
H/2+Q/46 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012008102328000/v0/ Frame A71D 48 KB
15 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008102328000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 179867
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
server: sffe
date: Thu, 20 Aug 2020 13:07:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aacd301e108e3900"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 13:07:20 GMT

GET
H/2+Q/46 200 css
fonts.googleapis.com/ Frame A71D 7 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Aug 2020 13:49:01 GMT
server: ESF
date: Sat, 22 Aug 2020 15:05:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Aug 2020 15:05:07 GMT

GET
H/2+Q/46 200 css
fonts.googleapis.com/ Frame A71D 5 KB
687 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Aug 2020 14:57:38 GMT
server: ESF
date: Sat, 22 Aug 2020 15:05:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Aug 2020 15:05:07 GMT

GET
H/2+Q/46 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A71D 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55862
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 22 Aug 2020 23:34:05 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A71D 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 61906
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 22 Aug 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame A71D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc0caff0da481544695271c322beef8a1cc26075c287dad2c7f482e75ed8f4ce

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3653478383004650531/ Frame A71D 35 KB
35 KB 97ms
96ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3653478383004650531/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qnwR-lzAFqXWPxRERrGGCEhzgfa0g

Requested by

Host: scamcharge.com
URL: http://scamcharge.com/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c5ec0d785d287514784adc8d71cd351a8f4f7b662d6e9ffa0a966d3315835e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 10:45:24 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35851
x-xss-protection: 0
expires: Sun, 22 Aug 2021 15:05:07 GMT

GET
H/2+Q/46 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A71D 0
0 58ms
57ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcjMUIzRBX5Bf0Y-sBNKmtvABhabV5V7vrcHOkQy_4R4QASD0-cYlYLnovoDUAaAB_8qopALIAQapAoHmgMOcyrM-4AIAqAMByAMKqgTOAU_Q3Ou2B35MYqVfQ-zaUTpPbuRwjNK_2Ca2UbtAfaBAuVi5NL9sKM3PpC8gGqCJ56hKqE9QNoqnQDNkTcmcCopQBmRobNWL56W9PFRVkBucWaPF-2KYfgbWfxAZmSuXZNKzwA2_w2XMpRAuSunWKE4SfcxGxhPU1vgKe15V4posfeSNKjmGt8LZdhUpYVwIleFDiagCq_kxKwddA9kPQwXRXBidGJTcevsnQzllAEJfHsE5WKnNiMGDHu1dXglEOG_LPZfKoptuDiWC0GVDwASzop7-jwPgBAGgBjeAB-m019sBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEMCoMdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzU0Mzg0NzY2ODg0ODI5M4AKA8gLAdgTAw&sigh=63ovVsK0xj4&template_id=492&tpd=AGWhJmvjdM80W9ureM9tYBdZokJwPT0CYzkukcm0QPw_pL6oGg
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame A71D 0
0 13ms
13ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaT3dWLAa0mENw0O8R0CK3JwOpThV4sdx4VtPAJEgEaAlQFoJv97jpKV4FXr4UiAEggMvPOJ8CFedCexNyclKTP83rV9cQ
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 28687274 Show response
g.ezoic.net/dac/ 0
215 B 30ms
28ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://g.ezoic.net/dac/28687274
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/banger.js?cb=191-2&bv=83&v=35&PageSpeed=off
Protocol: HTTP/1.1
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 22 Aug 2020 15:05:07 GMT
Cache-Control: max-age=3600, public
Server: nginx/1.16.0
Content-Length: 0
Vary: Accept-Encoding
Content-Type: text/plain

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 34ms
32ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTA1MzMxIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjkwNTMzMSIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE1OTgxMDg3MDQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI1OGVmN2JkZGI0MzhhZjVlMjU3YzQzNzdmMzJjMjQzYSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDUzMzEiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDEyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAxMiwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjkwNTMzMSIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE1OTgxMDg3MDQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzUyMyJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDUzMzEiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTIzLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XX1d
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 36ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTA1MzMxIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDgtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19XQ==
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:03 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 35ms
33ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiOTA1MzMxIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYXVjdGlvbl9lcG9jaCI6MTU5ODEwODcwNywiYWRfcG9zaXRpb24iOjExMDEsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTIwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo3MTMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dfV0=
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:03 UTC

GET
H/2+Q/46 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A71D 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://scamcharge.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:04:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1238448
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sun, 08 Aug 2021 07:04:19 GMT

GET
H/2+Q/46 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A71D 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://scamcharge.com
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 20:11:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 932032
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 11 Aug 2021 20:11:15 GMT

GET
H/2+Q/46

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A71D
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H/2+Q/46 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3653478383004650531/ Frame A71D 35 KB
35 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c5ec0d785d287514784adc8d71cd351a8f4f7b662d6e9ffa0a966d3315835e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 10:45:24 GMT
server: sffe
age: 0
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35851
x-xss-protection: 0
expires: Sun, 22 Aug 2021 15:05:07 GMT

GET
H/2+Q/46 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A71D 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55862
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 22 Aug 2020 23:34:05 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A71D 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 61906
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 22 Aug 2020 21:53:21 GMT

GET
H/1.1 200
OK dark-bottom.css
scamcharge.com/ezoic/styles/ 3 KB
1 KB 34ms
34ms Stylesheet
text/css 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scamcharge.com/ezoic/styles/dark-bottom.css
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/ezoic/cookieconsent.min.js
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Aug 2020 17:47:05 GMT
Server: nginx/1.16.0
Etag: "bd7-5acee20245840-gzip"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Content-Length: 841

GET
H/2+Q/46 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
25ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200818&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f246e55152d1a5857d8c8cc7b996bd8948ee40fc701666809af89f62ad6255e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Aug 2020 15:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6266
x-xss-protection: 0

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 35ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIzNCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTI3NCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMjAifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMjI5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMjI5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjE0NTEifV19XQ==
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 33ms
32ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjE1MTAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTUxMCJ9XX1d
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 36ms
35ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiMTAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:04 UTC

GET
H/2+Q/46 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200818/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 22 Aug 2020 15:05:07 GMT

GET
H/2+Q/46 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame FE0B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://scamcharge.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://scamcharge.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 22 Aug 2020 14:09:50 GMT
expires: Sun, 22 Aug 2021 14:09:50 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3317
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
174 B 40ms
39ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200818&jk=3050714760669560&bg=!kZKlkopYrYaiYxsvhvICAAAAUlIAAAAMmQGknQ9NG3sebI-5G5xQCDg_8oLuOC7s4-zPxkXgYat4Dw-buMX0t1qNfsHNijhHTmQyhphvs6vVilFci6GnftlQLY5S7AePVexmg4vyHouFpweliCWr4g7LtsK6xyoRsdcE9XOR5WMvTBtv3HrQaJUL0bGoMEvaGU07nuEO3nvRci8Y1tnE-iHIYsxr5OsUyd8F-hx_4bup0eEnCDk17gPqS_RDA1AoCdkuRS9M1ariGHbue6Hyc6WWOSR6_R3XcdEvvLqOUXdRiL73tYEtoHNPxsWKqXmUdU1-lmY1W8iVkGaaiDh2eWjaWlb8g1Vx4PmcJdVHEZGmEJEi2da4SfcKszH-juicWcNvYWKJuMYjXhi6dam4t6PiW2WBLuvtL-O2LBOq5PRn8nilVn2VAqFh1jPuva8xG_CsOvTKKtNwqe2A0pNoS1876sQ7nfdVUgt5EENThKNK9o_KcZz26mSa4IdQHe9-ilZFgcU3k6WeCafFAkiDXa8-b6LwILUl1Qj1CGgP3IDk_KMPkNfZmK_cXG4CquBwCS3ufyrNUfEBlbSApNeI

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AC45 42 B
93 B 60ms
59ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul5xWPGAvNr6dKG_rKW9r-h4Cvf6NfahkdihPHzmftOFSdueku-iJ_u2duKy5Af29OMLuulR76kRsuYZn01ap53DTkCNY7Ji3EeqmRVJMxGIFCYFS8Tj_D8byAqw&sai=AMfl-YRrS-2J1HDS5yDwHH1dUEwVNNmL2G1nYUcOnpYF8VvJRUq3hUlj88d-_QgBOYFGXIMTOiJ1ZbqVKawqLpsu-ExqY8X1YNSw7Wi-H4hfutCNDhIZZ8x5fl1C-yo&sig=Cg0ArKJSzLduTy2vxti9EAE&cid=CAASF-Roh_6ODGgGBByHYnGttlY6NcCWeYxk&id=ampim&o=1040,410&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=120&tls=1123&g=100&h=100&tt=1123&r=v&avms=ampa&adk=3927840977

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 35ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV19XQ==
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:04 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 44ms
42ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg3ODMzMiIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE1OTgxMDg3MDQsImFkX3Bvc2l0aW9uIjoxMTA0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:11 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 34ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTA1MzMxIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzM2MCwyODBdIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjkwNTMzMSIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tbGFyZ2UtYmlsbGJvYXJkLTItMCIsInRfZXBvY2giOjE1OTgxMDg3MDQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJ0cnVlIn1dfV0=
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:11 UTC

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 68 KB
21 KB 52ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f4e5ea1e0188b762b0b024e5b547756dcdb7a16d5e464ca533fb0afdd4dc8ec

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:09 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 09:20:11 GMT
server: nginx
etag: W/"5f3e404b-110c6"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 23 Aug 2020 15:05:09 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 68 KB
21 KB 52ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f4e5ea1e0188b762b0b024e5b547756dcdb7a16d5e464ca533fb0afdd4dc8ec

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:09 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 09:20:11 GMT
server: nginx
etag: W/"5f3e404b-110c6"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 23 Aug 2020 15:05:09 GMT

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 36F0 0
0 76ms
24ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://scamcharge.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://scamcharge.com/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "74087b-112-55254ff6699bb"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Sat, 22 Aug 2020 15:05:09 GMT
Connection: keep-alive

GET
H/1.1 204
No Content Cookie set beacon
ap.lijit.com/ Frame 6F3D 0
0 23ms
23ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=8711458
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/dall3202c.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://scamcharge.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=64986926ac620aafe743ef0e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://scamcharge.com/

Response headers

Server: nginx
Date: Sat, 22 Aug 2020 15:05:09 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sun, 22-Aug-2021 15:05:09 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=64986926ac620aafe743ef0e;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
300 B 311ms
311ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=4460844091345078&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C21067036%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=3&rcs=1&prev_scp=iid9%3D878332%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dscamcharge_com-medrectangle-2-878332%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D1%26bvr%3D1%26shp%3D1%26ft%3D1%26br1%3D90%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D26%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C19%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D100%26reqt%3D1598108709982&eri=1&cookie=ID%3D1f7e824099a2d80f%3AT%3D1598108706%3AS%3DALNI_MYo3p0m366v20ia_KFsAMbF6L5w9A&bc=23&abxe=1&lmt=1598108709&dt=1598108709986&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1103&adks=3573784229&ucis=5&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=71&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

6f36002b30f18782dd61256df0a8a4829d0f06c71135408f458c8ed280e9c4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
276 B 308ms
308ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=425593879703763&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C21067036%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=iid9%3D882331%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dscamcharge_com-large-leaderboard-1-882331%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D3%26ft%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D140%26reqt%3D1598108709988&eri=1&cookie=ID%3D1f7e824099a2d80f%3AT%3D1598108706%3AS%3DALNI_MYo3p0m366v20ia_KFsAMbF6L5w9A&bc=23&abxe=1&lmt=1598108709&dt=1598108709990&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=1766&adks=3927301509&ucis=6&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=71&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=360x271&msz=302x252&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=4&ohw=302&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

23fb18a59bb973d0dd5899e9990b6f0ec7283e5a32bddc1e83208a9d0237122f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 194ms
193ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=3055129821764569&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C21067036%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=2&prev_scp=iid9%3D878332%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dscamcharge_com-medrectangle-2-878332%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D1%26bvr%3D1%26shp%3D1%26ft%3D1%26br1%3D0%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D26%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C19%2C18%2C19%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D90%26reqt%3D1598108710499%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D1f7e824099a2d80f-22dac1c7b9b600cf%3AT%3D1598108710%3AS%3DALNI_MY6ZG6ZRr7O9pSqoM8m6AT-EWi-6Q&bc=23&abxe=1&lmt=1598108710&dt=1598108710512&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1103&adks=3573784229&ucis=7&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=71&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

f2b7c3364857a1a08af51fa40f7e3d192533782fd02b4d5021738cb769a2a9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10915
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 327 B
172 B 304ms
304ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=835515514554528&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C21067036%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=2&prev_scp=iid9%3D882331%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dscamcharge_com-large-leaderboard-1-882331%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D3%26ft%3D1%26br1%3D100%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D140%26reqt%3D1598108710520&eri=1&cookie=ID%3D1f7e824099a2d80f-22dac1c7b9b600cf%3AT%3D1598108710%3AS%3DALNI_MY6ZG6ZRr7O9pSqoM8m6AT-EWi-6Q&bc=23&abxe=1&lmt=1598108710&dt=1598108710525&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=1766&adks=3927301509&ucis=8&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=71&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=360x271&msz=302x252&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=4&ohw=302&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

12c2dbd314c90f354e7f2311cf8c3c3db9512f64cfbf7184f2be16657fc5faa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/022008102328000/ Frame D578 206 KB
56 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022008102328000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb0e0da067dc8200d8cd8504b1fcf7ac18692c609d24a6cd481423af666dd492

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327264
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57425
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 20:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "44a79376aeabb668"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:10:46 GMT

GET
H/2+Q/46 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/022008102328000/v0/ Frame D578 16 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022008102328000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327264
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5905
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 20:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3ad1eb5461ef0024"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:10:46 GMT

GET
H/2+Q/46 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/022008102328000/v0/ Frame D578 94 KB
28 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022008102328000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327264
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28844
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 20:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7dfeab575efd177f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:10:46 GMT

GET
H/2+Q/46 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/022008102328000/v0/ Frame D578 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022008102328000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327264
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 20:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fce00afb81e6c42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:10:46 GMT

GET
H/2+Q/46 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/022008102328000/v0/ Frame D578 48 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022008102328000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327264
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14952
x-xss-protection: 0
server: sffe
date: Tue, 18 Aug 2020 20:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aacd301e108e3900"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:10:46 GMT

GET
H/2+Q/46 200 css
fonts.googleapis.com/ Frame D578 5 KB
733 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Aug 2020 14:58:12 GMT
server: ESF
date: Sat, 22 Aug 2020 15:05:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Aug 2020 15:05:10 GMT

GET
H/2+Q/46 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D578 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55865
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 22 Aug 2020 23:34:05 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D578 295 B
324 B 8ms
8ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 61909
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 22 Aug 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame D578 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99fbb9d86dd8d0b380dd893d14afef2e5a0dcd494501329043e28c67e193998a

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame D578 0
0 13ms
13ms Image
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaSI8sU86i8Q_OdqBQpKJzsoenEGc_fxf2CyDQviZb-SFVwu7CT402lpvRFDPQSw55kbw5P-
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D578 0
0 59ms
58ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4r88JjRBX6yTIpeArASJrI2YC8fOrLpdt7aLv8ILwI23ARABIPT5xiVguei-gNQBoAGDgbX7AsgBAakCIBkSkYWwTD7gAgCoAwHIAwqqBNIBT9Cv0oyRnP6p6vKpGXEU-yfX0zjR2fFWjSNNr8QjG4sBL5C8r1XwQ8qNcASlX9KXkEFSGp-T3dvsTbCGjdy9jzr3O0jKOMTEJ9CayLC6QA2oFXvJku37ZxOz_8TqBgg_9tkxqQePWvcuLacEtZhcyOKvHbPX1NgHf1U8r_lUBw0mPXaq_3oAC0jlicKBcMrF3DJ6HHlrHNqHb0OIFB9xh4dqmz3Mq-JZDIUV3OGdoraSHZmo12ghlfXzfAXRWMdzVTlAqVMNPZYJ7YTieG9T6l8KwASpy_Ds7wLgBAGSBQQIBBgBkgUECAUYBKAGUYAH5f7KhAGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQiqAK0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi03NTQzODQ3NjY4ODQ4MjkzgAoDyAsB2BMK&sigh=lsFSZXZmvKc&tpd=AGWhJmtbdbSu3BtpuFYszbNQXVqNcMa9EziGVIYr1pwJxPXylQ
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 4817735420 Show response
g.ezoic.net/dac/ 0
215 B 38ms
32ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://g.ezoic.net/dac/4817735420
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/porpoiseant/banger.js?cb=191-2&bv=83&v=35&PageSpeed=off
Protocol: HTTP/1.1
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 22 Aug 2020 15:05:10 GMT
Cache-Control: max-age=3600, public
Server: nginx/1.16.0
Content-Length: 0
Vary: Accept-Encoding
Content-Type: text/plain

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 41ms
35ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NzgzMzIiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwMDIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAwMDIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQkUiLCJwYWdldmlld19pZCI6IjA0YTUxNmEyLTRhMTQtNDU4Yy03MGU0LTgwYzJiNGRhYWMxMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDYxMDU4NDIifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0ODE3NzM1NDIwIn1dfV0=
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:13 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 39ms
34ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMC0wOC0yMiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE3In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX1d
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:13 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 38ms
32ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYXVjdGlvbl9lcG9jaCI6MTU5ODEwODcxMSwiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTAwLCJiaWRfZmxvb3JfcHJldiI6OTAsImJpZF9mbG9vcl9maWxsZWQiOjAsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjIwNiwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV19XQ==
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:07 UTC

GET
H/2+Q/46 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D578 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://scamcharge.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 20:11:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 932035
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 11 Aug 2021 20:11:15 GMT

GET
H/2+Q/46 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D578 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://scamcharge.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:04:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1238451
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sun, 08 Aug 2021 07:04:19 GMT

GET
H/2+Q/46 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D578 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55865
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 22 Aug 2020 23:34:05 GMT

GET
H/2+Q/46 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D578 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022008102328000/amp4ads-v0.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 Aug 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 61909
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 22 Aug 2020 21:53:21 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 161 KB
48 KB 225ms
224ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050714760669560&correlator=2012482406431124&output=ldjh&impl=fif&adsid=NT&eid=21067043%2C21067118%2C21067036%2C44725623&vrg=2020081801&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200822&iu_parts=1254144%2Cscamcharge_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=iid9%3D882331%26t%3D134%26d%3D47152%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Dscamcharge_com-large-leaderboard-1-882331%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%26asau%3D4285808021%26bv%3D0%26bvm%3D3%26bvr%3D2%26shp%3D3%26ft%3D1%26br1%3D0%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C18%2C19%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D100%26reqt%3D1598108711032%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D1f7e824099a2d80f-22dac1c7b9b600cf%3AT%3D1598108710%3AS%3DALNI_MY6ZG6ZRr7O9pSqoM8m6AT-EWi-6Q&bc=23&abxe=1&lmt=1598108711&dt=1598108711034&dlt=1598108706061&idt=524&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=1766&adks=3927301509&ucis=9&sps=channel,,3728360715|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fscamcharge.com%2F&dssz=70&icsg=52776554713002&std=0&vis=1&scr_x=0&scr_y=0&psz=360x271&msz=302x252&ga_vid=2128074557.1598108706&ga_sid=1598108706&ga_hid=473790616&ga_fc=true&ga_wpids=UA-97838217-27&fws=4&ohw=302&btvi=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081801.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

9ecb46606bd5f919c7e3fa04b31f71eb965079dfcd7963c9af4d9e49c1628c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48790
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://scamcharge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D578 42 B
88 B 41ms
40ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKVbbINj9GU5uHjyS-N7fl8AkyVJ-FFJmgNzacV9VGWwwgVpRjnINFnoqzMGADnhJfRyCZhfCVD4qI3qWrH_E50EHy8UIaeRGcvK0UB8jEG9OnY3Wd4u20UTTRnA&sai=AMfl-YQJmodCzwNXxPmXn4LQtyneER6r6VxC_xzvuhog2Fb-xXz3K4V1Bqxoy8Nn-pC7Fc6E0b_LKiCHPjScU3U3Ba3Z8GQVYUsUtfKgLqjOSmpCSGbQWoofkaPaRdAAMrA&sig=Cg0ArKJSzLiDBeuTXRnQEAE&cid=CAASPeRo7uw4G0wHDrZt9ueK6DbqWiXt_F3eVr1fHuOKEMlrc2Ac2nVyIo5ZqC3x0dbssjC2peCDm20rMz63nq8&id=ampim&o=315,1108&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=123&tls=1123&g=100&h=100&tt=1123&r=v&avms=ampa&adk=3573784229

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 35ms
35ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XX1d
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:11 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:08 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 37ms
37ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbOTcwLDkwXSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NzgzMzIiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:08 UTC

GET
H/1.1 200
OK audins.js Show response
go.ezoic.net/detroitchicago/ 821 B
1 KB 14ms
8ms Script
application/javascript 2600:9000:20eb:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Requested by: Host: scamcharge.com
URL: http://scamcharge.com/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 05:08:01 GMT
Via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 08 Aug 2020 07:27:58 GMT
Server: nginx/1.16.0
Age: 986231
ETag: "335-5ac58a91e7b80;5ac58a91e7b80-gzip"
Vary: Accept-Encoding,Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 821
X-Amz-Cf-Id: YHD0kRjkyKHhWUHV_C9ELVCdwLtWTnXexUmC6WqArY48M-nBPCClKQ==

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 36ms
35ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTY0In1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg4MjMzMSIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQzMyJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NzgzMzIiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJhZF9wb3NpdGlvbiI6MTEwNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUzLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiOSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDUzMzEiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTIzLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTYxIn1dfV0=
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:15 UTC

GET
H/1.1 200
OK army.gif
scamcharge.com/porpoiseant/ 43 B
368 B 35ms
35ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg4MjMzMSIsImRvbWFpbl9pZCI6IjQ3MTUyIiwidW5pdCI6ImRpdi1ncHQtYWQtc2NhbWNoYXJnZV9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTA0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTc2NSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV19LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODc4MzMyIiwiZG9tYWluX2lkIjoiNDcxNTIiLCJ1bml0IjoiZGl2LWdwdC1hZC1zY2FtY2hhcmdlX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTU5ODEwODcwNCwiYWRfcG9zaXRpb24iOjExMDQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJCRSIsInBhZ2V2aWV3X2lkIjoiMDRhNTE2YTItNGExNC00NThjLTcwZTQtODBjMmI0ZGFhYzEyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTA0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNDEwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDUzMzEiLCJkb21haW5faWQiOiI0NzE1MiIsInVuaXQiOiJkaXYtZ3B0LWFkLXNjYW1jaGFyZ2VfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNTk4MTA4NzA0LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkJFIiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTIzLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDEwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMDY5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XX1d
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:09 UTC

GET
H2

200

quant.js Show response
edge.quantserve.com/
Redirect Chain

http://edge.quantserve.com/quant.js
https://edge.quantserve.com/quant.js

22 KB
8 KB

24ms
10ms

Script
application/x-javascript

2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.quantserve.com/quant.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 15:05:12 GMT
content-encoding: gzip
last-modified: Sat, 22-Aug-2020 15:05:12 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Sat, 29 Aug 2020 15:05:12 GMT

Redirect headers

Location: https://edge.quantserve.com/quant.js
Date: Sat, 22 Aug 2020 15:05:12 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Sun, 23 Aug 2020 15:05:12 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 50ms
35ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: go.ezoic.net
URL: http://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 23 Aug 2020 15:05:12 GMT

GET
H2

200

rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-31iz6hfFutd16.js
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js

3 B
349 B

29ms
9ms

Script
application/x-javascript

2600:9000:2182:9c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:9c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 18:52:12 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 72781
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: oR1IbKyFa91Zya_8KcwCdq5JPXrdbDAveW8aJHZEfO4RKrqsbwu0dA==

Redirect headers

Date: Sat, 22 Aug 2020 15:05:12 GMT
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: fYoJN5eKZwCkUC8fL9I-dHBC4FCURnJTvl2LTrtdDXyB4wczooaFyA==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1598108712599&ns_c=UTF-8&cv=3.5&c8=Scam%20Charge&c7=http%3A%2F%2Fscamcharge.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1598108712599&ns_c=UTF-8&cv=3.5&c8=Scam%20Charge&c7=http%3A%2F%2Fscamcharge.com%2F&c9=&cs_ak_ss=1

0
528 B

28ms
27ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1598108712599&ns_c=UTF-8&cv=3.5&c8=Scam%20Charge&c7=http%3A%2F%2Fscamcharge.com%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Aug 2020 15:05:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1598108712599&ns_c=UTF-8&cv=3.5&c8=Scam%20Charge&c7=http%3A%2F%2Fscamcharge.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 22 Aug 2020 15:05:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce=1;qjs=1;qv=35f667c6-20200713...
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce=...
https://pixel.quantserve.com/pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce...

35 B
371 B

8ms
7ms

Image
image/gif

2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=scamcharge.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598108712641;tzo=-120;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 15:05:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=1880126790;labels=Domain.scamcharge_com%2CDomainId.47152;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fscamcharge.com%2F;fpan=1;fpa=P0-186354384-1598108712641;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=scamcharge.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598108712641;tzo=-120;ogl=
Date: Sat, 22 Aug 2020 15:05:12 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Sun, 23 Aug 2020 15:05:12 GMT

GET
H/1.1 200
OK greenoaks.gif
scamcharge.com/detroitchicago/ 43 B
368 B 35ms
35ms Image
image/gif 34.247.123.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://scamcharge.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwNGE1MTZhMi00YTE0LTQ1OGMtNzBlNC04MGMyYjRkYWFjMTIiLCJkb21haW5faWQiOiI0NzE1MiIsInRfZXBvY2giOjE1OTgxMDg3MDQsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMTIxODk4In0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjMifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMzM1NzI4In0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiI1NTk4NDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjM0OTkifV19XQ==
Protocol: HTTP/1.1
Server: 34.247.123.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-123-251.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://scamcharge.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 15:05:14 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: ezp_sol
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Content-Length: 43
Expires: Fri, 21 Aug 2020 15:05:10 UTC

Verdicts & Comments Add Verdict or Comment

308 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazon-adsystem.com/	1970-01-21 08:42:11	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-19 17:14:49	Name: ad-id Value: A49784lBi0gFkmqhYMxjQc0
.doubleclick.net/	1970-01-19 21:16:44	Name: IDE Value: AHWqTUkdcoix1y_dlpKD3XGg-HPwhy7IB2ggNevkhWU3oz-mi7PAY4ikNpcBAKoG
.doubleclick.net/	1970-01-19 11:55:12	Name: DSID Value: NO_DATA
scamcharge.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 120
scamcharge.com/	1969-12-31 23:59:59	Name: ezouspva Value: 2
.scamcharge.com/	1970-01-20 05:26:20	Name: __gads Value: ID=5b4d5ce07682b8b2:T=1598108706:S=ALNI_MY6kz4YjHHVcv0KK5ojppYMmGE1zw
.scamcharge.com/	1970-01-19 11:56:35	Name: _gid Value: GA1.2.1649483071.1598108706
.scamcharge.com/	1970-01-19 11:55:10	Name: ezopvc_47152 Value: 1
.scamcharge.com/	1970-01-19 11:55:10	Name: ezoadgid_47152 Value: -1
.scamcharge.com/	1970-01-19 11:55:10	Name: __utmb Value: 43346855.2.10.1598108706
scamcharge.com/	1970-01-19 20:40:44	Name: ezux_lpl_47152 Value: 1598108707530\|04a516a2-4a14-458c-70e4-80c2b4daac12\|false
.scamcharge.com/	1970-01-19 11:55:09	Name: __utmt_e Value: 1
scamcharge.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 200
.scamcharge.com/	1969-12-31 23:59:59	Name: __utmc Value: 43346855
scamcharge.com/	1970-01-22 01:14:20	Name: ezohw Value: w%3D1600%2Ch%3D1200
.scamcharge.com/	1970-01-19 11:55:08	Name: _gat Value: 1
.scamcharge.com/	1970-01-20 05:26:20	Name: _ga Value: GA1.2.2128074557.1598108706
.scamcharge.com/	1970-01-20 05:26:20	Name: __utma Value: 43346855.2128074557.1598108706.1598108706.1598108706.1
.scamcharge.com/	1970-01-19 20:40:44	Name: ezCMPCCS Value: true
.scamcharge.com/	1970-01-19 11:55:09	Name: __utmt_f Value: 1
.scamcharge.com/	1970-01-19 11:55:10	Name: ezovuuid_47152 Value: 50b12a42-ff56-494b-5244-6ab71f3db7a9
.scamcharge.com/	1970-01-19 11:58:01	Name: ezovuuidtime_47152 Value: 1598108706
.scamcharge.com/	1970-01-20 05:26:20	Name: ezosuigeneris Value: ea29e20e40deeee1808d5243d79b55f7
.scamcharge.com/	1970-01-19 11:55:10	Name: ezovid_47152 Value: 976118652
.scamcharge.com/	1970-01-19 16:17:56	Name: __utmz Value: 43346855.1598108706.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
scamcharge.com/	1970-01-22 01:14:20	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.scamcharge.com/	1970-01-19 11:55:15	Name: lp_47152 Value: http://scamcharge.com/
.scamcharge.com/	1970-01-19 11:56:35	Name: ezepvv Value: 0
.scamcharge.com/	1970-01-19 11:58:01	Name: active_template::47152 Value: pub_site.1598108704
.scamcharge.com/	1970-01-19 11:55:15	Name: ezoab_47152 Value: mod1
.scamcharge.com/	1970-01-19 11:55:15	Name: ezoref_47152 Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/032008180007000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008180007000 http://scamcharge.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 http://scamcharge.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/022008102328000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2008102328000 http://scamcharge.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
ap.lijit.com
as-sec.casalemedia.com
b.scorecardresearch.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.ampproject.org
cf99c4db37b076ddc3e1e7a7acd8cf46.safeframe.googlesyndication.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezoic.net
googleads.g.doubleclick.net
ib.adnxs.com
js-sec.indexww.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
scamcharge.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
13.226.145.204
178.250.0.165
18.156.95.187
185.33.220.240
2.16.186.80
216.58.207.66
23.210.249.164
23.37.53.17
2600:9000:20eb:c400:2:cb38:840:93a1
2600:9000:2182:9c00:6:44e3:f8c0:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c04::9b
2a02:2638:1::3
34.247.123.251
52.95.118.60
72.251.249.14
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08d165aab5b4a3bc89edf04b8ea063da80cc91eef660847921c8db4e11fa82fa
08d41faf2069c1a240ef4ecd6535bee357952070677712d11a11175a99dc66e9
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d1b4f5a639b92082efa4d4594d7dfecd5e1a4e1f0c3ba9db057da7b95045eef
0f4e5ea1e0188b762b0b024e5b547756dcdb7a16d5e464ca533fb0afdd4dc8ec
0fadd83464640fea2e28bf01fdd092956772ff393ab5399a496d1caec4170cb4
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12c2dbd314c90f354e7f2311cf8c3c3db9512f64cfbf7184f2be16657fc5faa8
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
1ca10f8a06498f5c3104fbf34cf163e62be492b1a214470ec765215b20a166aa
203a1218e57e160a9bd9533ed8ac9d755feeb6249f8e0ba7ddb85a3ace770f45
20ff07016229ae6b852b19a17102013ae18f5355aa776b7b8fcb258cbacddaa6
23c35871bd433283c634753bf3cc4db2d86aabe41b910b8fae020c6f35698756
23fb18a59bb973d0dd5899e9990b6f0ec7283e5a32bddc1e83208a9d0237122f
339cd03f5cdb19955deb7ec86ace8fed50429569ab1b7c36b226ed256b1632ae
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3e928fe792259e76b3818fcf35ae2dac996a300a91c0c212028b451f0104118f
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
5635594e9321b7b9299e35844b2f9fdb21ef29e31616bc6ad76ff33d7f92cd32
591faf87176bd2d6effd08a861e2e2f27f7c300c16cad9005be3e03bab8f37f3
5bc767e0136291b0abb947693317a7198e415abca8e94fa3e80fcb968805b9c2
5f157eaeebd80fe5f89ac54d13bd68bdc12e8f68cfbc6bae75270adf4a1510ad
64f791cf5b11444b177786340186cb3ef3ed1c39938f49bc9d4a69bd21ba076d
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb
6cd9802d6aa7930cd0b7c11f74e506e83174e4601dcdf39406c7552032db5aad
6f36002b30f18782dd61256df0a8a4829d0f06c71135408f458c8ed280e9c4fb
744f285380d50300c5f78b4a0e9b08f9cd096894251f5965264df5c21c287479
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada
7a13ee75dc207f9a65442b766c6a68123d2f3b4db81d87c96604bd8dece2fcbd
7f246e55152d1a5857d8c8cc7b996bd8948ee40fc701666809af89f62ad6255e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9966622db8014a14d04280f587a00bebe22ecb04bdc0191042079d8d202f9649
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
99fbb9d86dd8d0b380dd893d14afef2e5a0dcd494501329043e28c67e193998a
9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883
9ecb46606bd5f919c7e3fa04b31f71eb965079dfcd7963c9af4d9e49c1628c48
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09
a5e145eadf3c0d2ca018da2d25a02de55ac0f70874da8bba148713fa326f278c
a6da2f11470552351351bb22e413565becbe2c6b8c4f7a0569ac4096d356dfbc
aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e
abe55308043385eda5e50ad0d11db469124dd32bdb88029f65a5f4e7d1ce4216
b29b85290e9919313012c013e9b0ccc4b1255e827eb79dbd5ba5c719190c14b8
b662c1d3d8bc9504a831b8b6a79a1afda7880f7ca7c81c100b01fa79c1057dc0
b9979f4adb828dd69b616f81295ea69ce9cf33ff781d2e464a9c79732d6f0333
ba35f7b142be718049cd5ac882e146196c10a18fac769f188892fa5a49c33f20
bf33cc61b80766252df5ad16b9c69ada37567a53eacc2b5473c805eec31224ef
c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c664122c2d9b82a6cc8600a5c40ee5f67a258b1ce0091276e833ccd91e990341
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0caff0da481544695271c322beef8a1cc26075c287dad2c7f482e75ed8f4ce
ceb27021e5c3609504b0f674dca3ddfa6ce9c66ef7555ef26db489fad0eb8fa3
d00c542334b61f55fa96f74059d4170a06678f7a1f166d72522bb5a9b82bc33b
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
db7e3dbd119ad989062d580a95a29163e4d321d82f7fc881ecc4bfa183687357
dc097a143b892674cddf1bfd0501dc56dad0eb5edaf5ded1010c2663c9f5e4d9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddfe0d7a18436b1fb99b8ae075674b4764b37b113331b0c45b4c99cf5599d7de
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e540cc5dec2aea3e44dd335d2a4f6acd040f7de82289a5297beed25c0abf7913
e5a09086006e589664ab19aa38b428dcba39b05a59a00e12a4f28a9b376e3b0e
e5e4c5b74b4cdb4c6badcb2f87ccebac15343ff348c3cac7345fbfcb54f9016b
ec21aac4031dc5c23e1d40e2ed211253ba70f67dce54bf03850ad5dd7b9d4e42
ee3df06d8d78abdd33ee36b24b07344fbd5edf66f1129f1d313c83aef4c7805b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f125fd246e10689d46bc3c7c529be4f784c9adf3f80f0790a3532f7efd01b012
f2b7c3364857a1a08af51fa40f7e3d192533782fd02b4d5021738cb769a2a9ad
f6c5ec0d785d287514784adc8d71cd351a8f4f7b662d6e9ffa0a966d3315835e
fb0e0da067dc8200d8cd8504b1fcf7ac18692c609d24a6cd481423af666dd492
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

scamcharge.com Open in urlscan Pro 34.247.123.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

159 Requests

58 %HTTPS

58 %IPv6

21 Domains

30 Subdomains

26 IPs

7 Countries

1371 kBTransfer

3643 kBSize

32 Cookies

2 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

scamcharge.com Open in urlscan Pro
34.247.123.251 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

58 %
HTTPS

58 %
IPv6

21
Domains

30
Subdomains

26
IPs

7
Countries

1371 kB
Transfer

3643 kB
Size

32
Cookies

159 HTTP transactions
0 data transactions