amazonspinandwin.qaafira.com Open in urlscan Pro
2a00:1450:4001:819::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://amazonspinandwin.qaafira.com/
Submission: On December 21 via automatic, source certstream-suspicious (December 21st 2019, 12:06:11 pm UTC)

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 63 HTTP transactions. The main IP is 2a00:1450:4001:819::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is amazonspinandwin.qaafira.com.
TLS certificate: Issued by GTS CA 1D2 on December 21st 2019. Valid for: 3 months.

This is the only time amazonspinandwin.qaafira.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a00:1450:400... 2a00:1450:4001:819::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:205... 2600:9000:2057:5000:1a:a6:7f00:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	51.15.77.27 51.15.77.27	12876 (Online SAS) (Online SAS)
2 6	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
14	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
4	54.210.152.70 54.210.152.70	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	94.31.29.128 94.31.29.128	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	195.181.175.7 195.181.175.7	60068 (CDN77) (CDN77)
2 2	185.33.223.80 185.33.223.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	104.18.21.150 104.18.21.150	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS - Total Uptime Technologies)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	216.21.13.10 216.21.13.10	53334 (TUT-AS) (TUT-AS - Total Uptime Technologies)
63	18

8 2a00:1450:4001:819::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

amazonspinandwin.qaafira.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5000:1a:a6:7f00:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.77.27 (Netherlands)

ASN12876 (Online SAS, FR)
PTR: 27-77-15-51.rev.cloud.scaleway.com

image.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p376822.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybestdc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.210.152.70 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-210-152-70.compute-1.amazonaws.com

distoryrussion.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p376822.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.7 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-2.cdn77.com

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.80 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.21.150 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

stwilliongorgeti.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.252.214.5 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)

adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

zjwesu29zsc4.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

zjwesu29zsc4.n.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

zjwesu29zsc4.s.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.10 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	imgur.com i.imgur.com	105 KB
9	adsco.re c.adsco.re 6.adsco.re adsco.re zjwesu29zsc4.l.adsco.re zjwesu29zsc4.n.adsco.re zjwesu29zsc4.s.adsco.re	15 KB
8	qaafira.com amazonspinandwin.qaafira.com	12 KB
6	mycdn.co p376822.mycdn.co	92 KB
6	blogspot.com 1.bp.blogspot.com	106 KB
4	distoryrussion.info distoryrussion.info	383 B
4	mybestdc.com mybestdc.com	28 KB
2	stwilliongorgeti.info stwilliongorgeti.info	767 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	popads.net c1.popads.net serve.popads.net	9 KB
2	clksite.com 2 redirects p376822.clksite.com	496 B
2	cloudfront.net dc5k8fg5ioc8s.cloudfront.net	38 KB
1	ibb.co image.ibb.co	90 KB
1	googleapis.com ajax.googleapis.com	33 KB
63	14

	Domain	Requested by
14	i.imgur.com	amazonspinandwin.qaafira.com
8	amazonspinandwin.qaafira.com	amazonspinandwin.qaafira.com
6	p376822.mycdn.co	mybestdc.com p376822.mycdn.co amazonspinandwin.qaafira.com
6	1.bp.blogspot.com	amazonspinandwin.qaafira.com
4	distoryrussion.info	amazonspinandwin.qaafira.com dc5k8fg5ioc8s.cloudfront.net
4	mybestdc.com	amazonspinandwin.qaafira.com p376822.mycdn.co
2	adsco.re	c.adsco.re
2	6.adsco.re	amazonspinandwin.qaafira.com c.adsco.re
2	c.adsco.re	c1.popads.net c.adsco.re
2	stwilliongorgeti.info	amazonspinandwin.qaafira.com dc5k8fg5ioc8s.cloudfront.net
2	secure.adnxs.com	2 redirects
2	p376822.clksite.com	2 redirects
2	dc5k8fg5ioc8s.cloudfront.net	amazonspinandwin.qaafira.com dc5k8fg5ioc8s.cloudfront.net
1	serve.popads.net	c1.popads.net
1	zjwesu29zsc4.s.adsco.re	c.adsco.re
1	zjwesu29zsc4.n.adsco.re	c.adsco.re
1	zjwesu29zsc4.l.adsco.re	c.adsco.re
1	c1.popads.net	amazonspinandwin.qaafira.com
1	image.ibb.co	amazonspinandwin.qaafira.com
1	ajax.googleapis.com	amazonspinandwin.qaafira.com
63	20

This site contains links to these domains. Also see Links.

Domain
adsco.re
gplinks.in
www.blogger.com

Subject Issuer	Validity	Valid
amazonspinandwin.qaafira.com GTS CA 1D2	`2019-12-21` - `2020-03-20`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
ibb.co Let's Encrypt Authority X3	`2019-11-28` - `2020-02-26`	3 months	crt.sh
*.mybestdc.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-11` - `2020-07-21`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
distoryrussion.info Amazon	`2019-11-28` - `2020-12-28`	a year	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2019-10-10` - `2020-10-21`	a year	crt.sh
1355769017.rsc.cdn77.org Let's Encrypt Authority X3	`2019-11-04` - `2020-02-02`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-15` - `2020-10-09`	10 months	crt.sh
*.adsco.re COMODO RSA Organization Validation Secure Server CA	`2017-09-26` - `2020-09-25`	3 years	crt.sh
*.l.adsco.re COMODO RSA Domain Validation Secure Server CA	`2018-07-14` - `2020-07-13`	2 years	crt.sh
*.n.adsco.re COMODO RSA Domain Validation Secure Server CA	`2018-07-30` - `2020-07-29`	2 years	crt.sh
*.s.adsco.re COMODO RSA Domain Validation Secure Server CA	`2018-07-30` - `2020-07-29`	2 years	crt.sh
*.popads.net Sectigo RSA Domain Validation Secure Server CA	`2019-10-29` - `2021-10-29`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://amazonspinandwin.qaafira.com/
Frame ID: A61B2F70775D5CCCD44F69F0A875EB88
Requests: 59 HTTP requests in this frame

Frame: https://p376822.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 5578668033B84F1ABDBDDA8E79360976
Requests: 2 HTTP requests in this frame

Frame: https://p376822.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 9ADE501641F82A948DFD20C4D786F5DA
Requests: 2 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: EF1A8F1E5A59236C95ABB48A672B27B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

63
Requests

94 %
HTTPS

28 %
IPv6

14
Domains

20
Subdomains

18
IPs

5
Countries

529 kB
Transfer

909 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v
Title: Click Here

Search URL Search Domain Scan URL

URL: https://gplinks.in/ref/samyakkosode99

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://p376822.clksite.com/adServe/banners?tid=376822_739430_11 HTTP 301
https://mybestdc.com/adServe/banners?tid=376822_739430_11

Request Chain 19

https://p376822.clksite.com/adServe/banners?tid=376822_739430_13 HTTP 301
https://mybestdc.com/adServe/banners?tid=376822_739430_13

Request Chain 48

https://secure.adnxs.com/getuid?https://stwilliongorgeti.info/s?a=$UID&b=210248344324 HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fstwilliongorgeti.info%2Fs%3Fa%3D%24UID%26b%3D210248344324 HTTP 302
https://stwilliongorgeti.info/s?a=5918688991377246323&b=210248344324

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
amazonspinandwin.qaafira.com/ 37 KB
9 KB 269ms
218ms Document
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

6c9b0d23329fa987e7fcca84960a91b5b4e71f8802fd65c30e2f31857de5d688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: amazonspinandwin.qaafira.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Sat, 21 Dec 2019 12:05:49 GMT
date: Sat, 21 Dec 2019 12:05:49 GMT
cache-control: private, max-age=0
last-modified: Sat, 21 Dec 2019 11:15:17 GMT
etag: W/"63526ed599e136266f4a07bd4bf265788bb14f62d947e6906211c7b57285ed8a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9433
server: GSE

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 11:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2680707
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 11:27:22 GMT

GET
H2 404 detect.js
amazonspinandwin.qaafira.com/ 0
0 188ms
181ms Script
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/detect.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1381
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 P6T3E4rD3c.js
amazonspinandwin.qaafira.com/ 0
0 190ms
183ms Script
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/P6T3E4rD3c.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1381
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
dc5k8fg5ioc8s.cloudfront.net/ 103 KB
38 KB 213ms
174ms Script
text/plain 2600:9000:2057:5000:1a:a6:7f00:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=826139
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:5000:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: c65c820eaee76d8f4e87d375152b7b7995d6356117ddd27b31a68f57ffffe181

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:49 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-origin: *
content-length: 38301
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: CzheDIIJtLmb8nTZkail9lMasGICGvQtQYbm1fAEg0myLENuzpUPVQ==

GET
H2 200 images%2B%252825%2529.jpeg
1.bp.blogspot.com/-Z_lMtZbh_LM/XaNEHaS4L5I/AAAAAAAACvA/MoHXPl5Py-kAPahe8ZI5qe1DJ4x0kVWIgCLcBGAsYHQ/s320/ 9 KB
10 KB 40ms
17ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Z_lMtZbh_LM/XaNEHaS4L5I/AAAAAAAACvA/MoHXPl5Py-kAPahe8ZI5qe1DJ4x0kVWIgCLcBGAsYHQ/s320/images%2B%252825%2529.jpeg

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

045ae2171eeed0c2b6c6bdfb4ed361eb8bc69bea8b93ef7622505b7a85bba93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="images (25).jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9542
x-xss-protection: 0
server: fife
etag: "vaf1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Dec 2019 12:05:49 GMT

GET
H2 200 900x250.png
image.ibb.co/hspF4T/ 90 KB
90 KB 74ms
28ms Image
image/png 51.15.77.27
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/hspF4T/900x250.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.77.27 , Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 27-77-15-51.rev.cloud.scaleway.com
Software: nginx /
Resource Hash: 67d986f0742b349ea2ecef81c55262c31ff3c8844d789bbc5ded3c6971d3f858

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
last-modified: Mon, 30 Jul 2018 04:26:38 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
content-type: image/png
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 91923
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookienotice.js Show response
amazonspinandwin.qaafira.com/js/ 6 KB
2 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/js/cookienotice.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Dec 2019 21:48:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Sat, 28 Dec 2019 12:05:49 GMT

GET tabs-1.css
amazonspinandwin.qaafira.com/css/ 0
0

GET
H2 404 jquery.tools.min.js
amazonspinandwin.qaafira.com/ 0
0 178ms
178ms Script
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/jquery.tools.min.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1381
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

banners Show response
mybestdc.com/adServe/
Redirect Chain

https://p376822.clksite.com/adServe/banners?tid=376822_739430_11
https://mybestdc.com/adServe/banners?tid=376822_739430_11

34 KB
13 KB

518ms
134ms

Script
text/javascript

173.192.101.24
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://mybestdc.com/adServe/banners?tid=376822_739430_11
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 11bf548c41493005c6201d53cfa0ed3e3f77b04dadafc8ec2d7f665c8a2a9731

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Dec 2019 12:05:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://mybestdc.com/adServe/banners?tid=376822_739430_11
Date: Sat, 21 Dec 2019 12:05:50 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 178
Content-Type: text/html

GET
H2 200 SYumuO7.png
i.imgur.com/ 4 KB
4 KB 102ms
52ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/SYumuO7.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 9efe7d99c3e0c64ac6110538e24e2fb4b5ba1060df42ec5ac68347bc237cb9ae

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 2072471
x-cache: HIT, HIT
status: 200
content-length: 4426
x-served-by: cache-bwi5144-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:43:23 GMT
server: cat factory 1.0
x-timer: S1576929950.829074,VS0,VE1
etag: "88ca33535639bc0189d81baf4f5f8f11"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 FmkU9Sb.png
i.imgur.com/ 35 KB
36 KB 71ms
22ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/FmkU9Sb.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: f23ac87798b30302961aa12587b5c581bd85f6c341437505917e3fd69848c388

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 15049335
x-cache: HIT, HIT
status: 200
content-length: 36299
x-served-by: cache-bwi5123-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:43:35 GMT
server: cat factory 1.0
x-timer: S1576929950.829389,VS0,VE1
etag: "516b7a6f63ffc1cf987c880030596b2c"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 w5SlQI0.png
i.imgur.com/ 7 KB
7 KB 104ms
55ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/w5SlQI0.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 7371395
x-cache: HIT, HIT
status: 200
content-length: 7358
x-served-by: cache-bwi5149-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:43:47 GMT
server: cat factory 1.0
x-timer: S1576929950.829422,VS0,VE1
etag: "9272f53af67f64716c4a5f611fe012c2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 yzsVAU9.png
i.imgur.com/ 7 KB
7 KB 99ms
50ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/yzsVAU9.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 13413578
x-cache: HIT, HIT
status: 200
content-length: 7358
x-served-by: cache-bwi5137-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:44:00 GMT
server: cat factory 1.0
x-timer: S1576929950.829393,VS0,VE1
etag: "9272f53af67f64716c4a5f611fe012c2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 45tLaaV.png
i.imgur.com/ 7 KB
7 KB 101ms
51ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/45tLaaV.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 2589451
x-cache: HIT, HIT
status: 200
content-length: 7070
x-served-by: cache-bwi5120-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:44:14 GMT
server: cat factory 1.0
x-timer: S1576929950.829352,VS0,VE1
etag: "c1ebdc12ac294d85d550ba80c576286c"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 LqRZvNx.png
i.imgur.com/ 7 KB
7 KB 71ms
22ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/LqRZvNx.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 3643451
x-cache: HIT, HIT
status: 200
content-length: 7070
x-served-by: cache-bwi5130-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:44:32 GMT
server: cat factory 1.0
x-timer: S1576929950.829340,VS0,VE1
etag: "c1ebdc12ac294d85d550ba80c576286c"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 images%2B%252824%2529.jpeg
1.bp.blogspot.com/-6UkZf971jmA/XaNF31_1f5I/AAAAAAAACvM/klDdaHDrAtE5QaEvy5No5UT9HM4GRX2yQCLcBGAsYHQ/s1600/ 19 KB
19 KB 212ms
208ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-6UkZf971jmA/XaNF31_1f5I/AAAAAAAACvM/klDdaHDrAtE5QaEvy5No5UT9HM4GRX2yQCLcBGAsYHQ/s1600/images%2B%252824%2529.jpeg

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d0e6d6b1c93d3983f72f23526b93196ccb4bcb4c90d84febae770a1da407d723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="images (24).jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19382
x-xss-protection: 0
server: fife
etag: "vaf4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Dec 2019 12:05:49 GMT

GET
H2 200 j7p3vDK.png
i.imgur.com/ 3 KB
3 KB 28ms
17ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/j7p3vDK.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 03438aa5abe5f685d4fa633fa2119321c26db9a7e7526f4855111b0d39d87319

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 661082
x-cache: HIT, HIT
status: 200
content-length: 2668
x-served-by: cache-bwi5132-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:47:38 GMT
server: cat factory 1.0
x-timer: S1576929950.878828,VS0,VE1
etag: "c8453f891cd670783fac596866febcbf"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 7SH6rfb.png
i.imgur.com/ 3 KB
3 KB 29ms
18ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/7SH6rfb.png
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 03438aa5abe5f685d4fa633fa2119321c26db9a7e7526f4855111b0d39d87319

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 3735628
x-cache: HIT, HIT
status: 200
content-length: 2668
x-served-by: cache-bwi5126-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:48:02 GMT
server: cat factory 1.0
x-timer: S1576929950.878835,VS0,VE1
etag: "c8453f891cd670783fac596866febcbf"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1

200

banners Show response
mybestdc.com/adServe/
Redirect Chain

https://p376822.clksite.com/adServe/banners?tid=376822_739430_13
https://mybestdc.com/adServe/banners?tid=376822_739430_13

34 KB
13 KB

513ms
133ms

Script
text/javascript

173.192.101.24
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://mybestdc.com/adServe/banners?tid=376822_739430_13
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3ecb5835f32db63c1f86f72753c4f3054336b2388ef9add82b35abbb7ccc630

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Dec 2019 12:05:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://mybestdc.com/adServe/banners?tid=376822_739430_13
Date: Sat, 21 Dec 2019 12:05:50 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 178
Content-Type: text/html

GET
H2 200 images%2B%252823%2529.jpeg
1.bp.blogspot.com/-s6L9OblMYbQ/XaNGfTEE0gI/AAAAAAAACvU/bM7PbVhw6J8SmYIfLKCWpguzCEvlTPGgQCLcBGAsYHQ/s1600/ 7 KB
7 KB 174ms
170ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-s6L9OblMYbQ/XaNGfTEE0gI/AAAAAAAACvU/bM7PbVhw6J8SmYIfLKCWpguzCEvlTPGgQCLcBGAsYHQ/s1600/images%2B%252823%2529.jpeg

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

18d7e20b4a36c1a10a659181eb5b8d8a461d078a46350ac534ac6183444aa82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="images (23).jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7053
x-xss-protection: 0
server: fife
etag: "vaf9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Dec 2019 12:05:49 GMT

GET
H2 200 70exByK.jpg
i.imgur.com/ 4 KB
5 KB 26ms
15ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/70exByK.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: e02f7c2d7bed2b198eb68d0ac4fb008153292b2feecafd42123dff70a84cf297

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 15049240
x-cache: HIT, HIT
status: 200
content-length: 4582
x-served-by: cache-bwi5142-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:45:08 GMT
server: cat factory 1.0
x-timer: S1576929950.878801,VS0,VE1
etag: "eb1af903f081776da231193ffae61f3d"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 h2gvNatY.jpg
1.bp.blogspot.com/--uIFFuSdWHQ/XaNGplWLsOI/AAAAAAAACvg/hvZHBkZXft4CiZlDqbT4tI4ujId-M2-_ACLcBGAsYHQ/s1600/ 42 KB
42 KB 166ms
162ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--uIFFuSdWHQ/XaNGplWLsOI/AAAAAAAACvg/hvZHBkZXft4CiZlDqbT4tI4ujId-M2-_ACLcBGAsYHQ/s1600/h2gvNatY.jpg

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

833af367d560ede5038a762f3df07a129b1495142ddeeee3ef01ea34543e67ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="h2gvNatY.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42607
x-xss-protection: 0
server: fife
etag: "vafb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Dec 2019 12:05:49 GMT

GET
H2 200 images%2B%252822%2529.jpeg
1.bp.blogspot.com/-adpiNeK7UBU/XaNGmhr2ERI/AAAAAAAACvc/CnhHq57jWyUjDerM0eexHCf2u4DozgzXQCLcBGAsYHQ/s1600/ 18 KB
18 KB 169ms
166ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-adpiNeK7UBU/XaNGmhr2ERI/AAAAAAAACvc/CnhHq57jWyUjDerM0eexHCf2u4DozgzXQCLcBGAsYHQ/s1600/images%2B%252822%2529.jpeg

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

47b58b4e11eb50ce29cd154a3a4363b06375f3ac59644494f6cbbc2d455738ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="images (22).jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18666
x-xss-protection: 0
server: fife
etag: "vafc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Dec 2019 12:05:49 GMT

GET
H2 200 MuhZ0Bj.jpg
i.imgur.com/ 6 KB
6 KB 33ms
23ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/MuhZ0Bj.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 6d48826668dfe9bd4982ea0ac99b1a918899f88f67d5a53de09d3d88fec63f41

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 3638868
x-cache: HIT, HIT
status: 200
content-length: 6281
x-served-by: cache-bwi5138-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:45:54 GMT
server: cat factory 1.0
x-timer: S1576929950.879223,VS0,VE1
etag: "77dce20ca7f46d34503d84b1289f3ebf"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 44, 1

GET
H2 200 vf7N2YT.jpg
i.imgur.com/ 6 KB
6 KB 29ms
19ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/vf7N2YT.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: ae70478e4a35155b11cf3da617b8abe1747b1ef5585673ddfb56bff8d090e4c4

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 15049183
x-cache: HIT, HIT
status: 200
content-length: 5808
x-served-by: cache-bwi5120-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:46:05 GMT
server: cat factory 1.0
x-timer: S1576929950.879201,VS0,VE0
etag: "1d03df2424bc8bf2598d84529ce0a792"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1225

GET
H2 200 w19jmpw.jpg
i.imgur.com/ 4 KB
5 KB 35ms
25ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/w19jmpw.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: e03b2f0212e101deb78b11e0cb84c3e1f7e7a2e2436da7873d19c01db1049896

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 11602604
x-cache: HIT, HIT
status: 200
content-length: 4474
x-served-by: cache-bwi5133-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:46:18 GMT
server: cat factory 1.0
x-timer: S1576929950.879196,VS0,VE1
etag: "9b1755afc834ca01ab8b2153874aa12b"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 s200_tomilehin.babafemi.jpg
1.bp.blogspot.com/-cFpZ1ibK7dw/XaNGizuMT3I/AAAAAAAACvY/v_C2tUmPqwUkIok4Q-kbqOlb4jIkq0MjACLcBGAsYHQ/s1600/ 10 KB
10 KB 23ms
20ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cFpZ1ibK7dw/XaNGizuMT3I/AAAAAAAACvY/v_C2tUmPqwUkIok4Q-kbqOlb4jIkq0MjACLcBGAsYHQ/s1600/s200_tomilehin.babafemi.jpg

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

00e98781c3b6cbe28f9e077357617f1ac79a2841d4b89b7de3f56a0fbb7eb57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="s200_tomilehin.babafemi.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10567
x-xss-protection: 0
server: fife
etag: "vafa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 22 Dec 2019 12:05:49 GMT

GET
H2 200 NllPRfI.jpg
i.imgur.com/ 5 KB
5 KB 34ms
24ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/NllPRfI.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d30c6bddf529dfc09be179687ec4291745a1078d18ae837b088e1c6c476781a1

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 2589451
x-cache: HIT, HIT
status: 200
content-length: 4709
x-served-by: cache-bwi5145-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:46:48 GMT
server: cat factory 1.0
x-timer: S1576929950.879207,VS0,VE1
etag: "1e31617fa22921ad29c1b35376e9ac6d"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AApdWbg.jpg
i.imgur.com/ 4 KB
4 KB 38ms
28ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/AApdWbg.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 8c05efae576b174dfd1e6b54a3d6cd286431d4f492f931d67817554af82c4669

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:49 GMT
age: 6329407
x-cache: HIT, HIT
status: 200
content-length: 4247
x-served-by: cache-bwi5137-BWI, cache-hhn4066-HHN
last-modified: Sun, 30 Jun 2019 07:47:01 GMT
server: cat factory 1.0
x-timer: S1576929950.886380,VS0,VE1
etag: "c834223e009289f9c0b59f53e5cec62b"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 204 V0VUcFd4ejcDagMNJAEFAANtJCBudgJDZhoBHCoEMS5lEzQRA2xWIz4haUhlYXRnSXEnLDBNZnE2IBEjIjZpQXE+KzIfanEzaUF5ZHF6QWd5cXIEJzYiaUFxJzEgHGpmcGNGbmV8bURuYHNj
distoryrussion.info/ 0
57 B 304ms
98ms Image
text/plain 54.210.152.70
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distoryrussion.info/V0VUcFd4ejcDagMNJAEFAANtJCBudgJDZhoBHCoEMS5lEzQRA2xWIz4haUhlYXRnSXEnLDBNZnE2IBEjIjZpQXE+KzIfanEzaUF5ZHF6QWd5cXIEJzYiaUFxJzEgHGpmcGNGbmV8bURuYHNj
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.152.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-152-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
access-control-allow-origin: *
date: Sat, 21 Dec 2019 12:05:50 GMT

GET
H2 200 popunder.gif
distoryrussion.info/ 35 B
212 B 304ms
98ms Image
image/gif 54.210.152.70
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distoryrussion.info/popunder.gif
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.152.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-152-70.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Sat, 21 Dec 2019 12:05:50 GMT
content-encoding: gzip
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: public, max-age=604800, immutable
content-length: 58

GET tabs-1.css
amazonspinandwin.qaafira.com/css/ 0
0

GET
H2 404 jquery.tools.min.js
amazonspinandwin.qaafira.com/ 0
0 145ms
144ms Script
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/jquery.tools.min.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1381
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 bUhrYXJCdwgSTzwjUhA9OgYRBBVVBD05PFgMKhEjDgADAjYrBhJHBgQsVllAW3lYWFQdIQ9cQ0s7HwAGGDtWV0BLIQUHHVBuHVxDQ3tfT0NdZl9HBh0pDFxDSzgfFR5QeV5WRFR6UlhHXXhTUA
distoryrussion.info/ 0
57 B 99ms
98ms Image
text/plain 54.210.152.70
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distoryrussion.info/bUhrYXJCdwgSTzwjUhA9OgYRBBVVBD05PFgMKhEjDgADAjYrBhJHBgQsVllAW3lYWFQdIQ9cQ0s7HwAGGDtWV0BLIQUHHVBuHVxDQ3tfT0NdZl9HBh0pDFxDSzgfFR5QeV5WRFR6UlhHXXhTUA
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.152.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-152-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
access-control-allow-origin: *
date: Sat, 21 Dec 2019 12:05:50 GMT

GET tabs-1.css
amazonspinandwin.qaafira.com/css/ 0
0

GET
H2 200 ui_tag_80.2-1.js Show response
p376822.mycdn.co/banners/script/ 176 KB
53 KB 59ms
15ms Script
application/javascript 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://p376822.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: mybestdc.com
URL: https://mybestdc.com/adServe/banners?tid=376822_739430_11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:50 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:16 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b4fc-2c04a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=31104000
expires: Tue, 15 Dec 2020 12:05:50 GMT

GET
H2 404 jquery.tools.min.js
amazonspinandwin.qaafira.com/ 0
0 150ms
150ms Script
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/jquery.tools.min.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1381
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 it-ui-comp-37.css
p376822.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 16ms
15ms Stylesheet
text/css 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://p376822.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-37.css
Requested by: Host: p376822.mycdn.co
URL: https://p376822.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5e48605dc57bfb041fe1f68d9e652ad884659a7ffe313ad36245b9e66a222909

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:23 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b503-5dea"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
expires: Tue, 15 Dec 2020 12:05:51 GMT

GET
H/1.1 200 findBanner Show response
mybestdc.com/adServe/banners/ 836 B
1 KB 144ms
144ms Script
text/javascript 173.192.101.24
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://mybestdc.com/adServe/banners/findBanner?num=1&keyword=GET%20A%20CHANCE%20TO%20SPIN%20FOR%20FREE%20AND%20WIN%20AMAZING%20PRIZES%20TODAY&tid=376822_739430_11&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp376822.mycdn.co&bs=37&referrer=https%3A%2F%2Famazonspinandwin.qaafira.com%2F&ap=cmp%3DBANNER%26evp%3D9d4-buyCt9jhuQQAAMsZkfbWwvziNp_1QR22JeacVpE-LsPeiWhzFXDj6FOGCSfU%26sjv%3D86.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DAmazon%2520Spin%2520and%2520Win&pid=376822&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCp7sqwhepzrb
Requested by: Host: p376822.mycdn.co
URL: https://p376822.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: a5360879e687ceb367b22372bfb64a00bcb5f24ba0e635b9472b225258a81f8e

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Dec 2019 12:05:51 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET tabs-1.css
amazonspinandwin.qaafira.com/css/ 0
0

GET
H2 200 it-banner-frame.css
p376822.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 5578 2 KB
924 B 16ms
15ms Stylesheet
text/css 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://p376822.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p376822.mycdn.co
URL: https://p376822.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:23 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b503-858"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
expires: Tue, 15 Dec 2020 12:05:51 GMT

GET
H/1.1 200 findBanner Show response
mybestdc.com/adServe/banners/ 825 B
1 KB 239ms
238ms Script
text/javascript 173.192.101.24
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://mybestdc.com/adServe/banners/findBanner?num=1&keyword=GET%20A%20CHANCE%20TO%20SPIN%20FOR%20FREE%20AND%20WIN%20AMAZING%20PRIZES%20TODAY&tid=376822_739430_13&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp376822.mycdn.co&bs=37&referrer=https%3A%2F%2Famazonspinandwin.qaafira.com%2F&ap=cmp%3DBANNER%26evp%3D9d4-buyCt9jhuQQAAMsZkfbWwvziNp_1QR22JeacVpE-LsPeiWhzFf-0tTHMUvdx%26sjv%3D86.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DAmazon%2520Spin%2520and%2520Win&pid=376822&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0wJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCpc20peq9bjr
Requested by: Host: p376822.mycdn.co
URL: https://p376822.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 53cbba071500fbff02fc5c7cd8283002241d81f08e30bce388bd059ceab246ab

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Dec 2019 12:05:51 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fallback_37x_en.jpg
p376822.mycdn.co/ext/onn/clean/ Frame 5578 16 KB
16 KB 17ms
17ms Image
image/jpeg 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p376822.mycdn.co/ext/onn/clean/fallback_37x_en.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: df9c48132cfbd14e947f19bf7428f9728fd21169d76acc35658b4618ca0c788b

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
last-modified: Mon, 05 Feb 2018 08:29:22 GMT
server: NetDNA-cache/2.2
etag: "5a7815e2-3fb3"
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 16307
expires: Tue, 15 Dec 2020 12:05:51 GMT

GET
H2 404 jquery.tools.min.js
amazonspinandwin.qaafira.com/ 0
0 151ms
151ms Script
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://amazonspinandwin.qaafira.com/jquery.tools.min.js

Requested by

Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1381
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pop.js Show response
c1.popads.net/ 31 KB
9 KB 74ms
22ms Script
application/javascript 195.181.175.7
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.popads.net/pop.js
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.7 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-2.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: br
last-modified: Thu, 12 Dec 2019 21:50:35 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: W/"5df2b62b-7bef"
x-cache: HIT
content-type: application/javascript
status: 200
x-edge-ip: 195.181.175.2
x-age: 5502
alt-svc: quic="195.181.175.2:443"; ma=2592000; v="44,43,39"

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 DkJYdHhUUEQBe0ESVwN+AQJdVnVRUVIGLFRQU1B6VVUIVH4GUA5WKFJTXld1 Show response
dc5k8fg5ioc8s.cloudfront.net/VZ2oyTWcEBVwrWBMDVnBfVVwDfl5BAEEiCRdXXhgvPT1wdFBXK2IXLANZf2sTHQ4PfEELC1wqWkEPXC5aVkxTKQVaWhQ5FwgBDy4BFw1GJAITC1NrEgZXXyIdDgZeLEJVLAdjV0JYAmUKBglbIxMIGVpoVCVPAH0OCR5XIUJ... 492 B
654 B 176ms
175ms Script
text/plain 2600:9000:2057:5000:1a:a6:7f00:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/VZ2oyTWcEBVwrWBMDVnBfVVwDfl5BAEEiCRdXXhgvPT1wdFBXK2IXLANZf2sTHQ4PfEELC1wqWkEPXC5aVkxTKQVaWhQ5FwgBDy4BFw1GJAITC1NrEgZXXyIdDgZeLEJVLAdjV0JYAmUKBglbIxMIGVpoVCVPAH0OCR5XIUJVWl8sBEJYAiIUQlgCNUJVWg-N9OFZebXhOQlgCLBcXBlc6AgUBWzlCVSwHflBJWQRoVVdCWSUTCgYXfyRCWAIhDgwPF39XAA9RJghOTwB9BA8YXSACQlh0elNJWhx+UFVTHHxRXk8AfRQGDFM/DkJYdHhUUEQBe0ESVwN+AQJdVnVRUVIGLFRQU1B6VVUIVH4GUA5WKFJTXld1
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=826139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:5000:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 767df2e40c3430245ff7aaf77e27f2e243861b07be8cdc7bebae02f0529a3874

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
cache-control: max-age=31556926
access-control-allow-origin: *
content-length: 377
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: qoXWc_BSnDwcDtoGmSLNOvbzMQ5JxHoXM54ZDgDHrfc-Sz5_irBSGg==

GET
H2

200

s
stwilliongorgeti.info/
Redirect Chain

https://secure.adnxs.com/getuid?https://stwilliongorgeti.info/s?a=$UID&b=210248344324
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fstwilliongorgeti.info%2Fs%3Fa%3D%24UID%26b%3D210248344324
https://stwilliongorgeti.info/s?a=5918688991377246323&b=210248344324

43 B
384 B

286ms
199ms

Image
image/gif

104.18.21.150
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stwilliongorgeti.info/s?a=5918688991377246323&b=210248344324
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.150 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
accept-ranges: bytes
cf-ray: 5489ba069c277257-AMS
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sat, 21 Dec 2019 12:05:53 GMT
AN-X-Request-Uuid: 93728f20-df86-487e-a42b-9c737fd237f0
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://stwilliongorgeti.info/s?a=5918688991377246323&b=210248344324
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.24; 109.236.94.24; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.135:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 it-banner-frame.css
p376822.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 9ADE 2 KB
924 B 15ms
15ms Stylesheet
text/css 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://p376822.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p376822.mycdn.co
URL: https://p376822.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2019 11:33:23 GMT
server: NetDNA-cache/2.2
etag: W/"5d10b503-858"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=31104000
expires: Tue, 15 Dec 2020 12:05:51 GMT

GET
H2 200 fallback_37x_en.jpg
p376822.mycdn.co/ext/onn/clean/ Frame 9ADE 16 KB
16 KB 17ms
17ms Image
image/jpeg 94.31.29.128
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p376822.mycdn.co/ext/onn/clean/fallback_37x_en.jpg
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: df9c48132cfbd14e947f19bf7428f9728fd21169d76acc35658b4618ca0c788b

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
last-modified: Mon, 05 Feb 2018 08:29:22 GMT
server: NetDNA-cache/2.2
etag: "5a7815e2-3fb3"
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 16307
expires: Tue, 15 Dec 2020 12:05:51 GMT

GET
H2 200 / Show response
c.adsco.re/ 34 KB
11 KB 99ms
26ms Script
text/html 2606:4700::6811:a6ba
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
age: 2378521
etag: "a73Qdnp6tbMta3RY0Wgotw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: max-age=43200,public,immutable,no-transform
cf-ray: 5489ba069e1d5a00-VIE
link: <//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires: Sun, 24 Nov 2019 11:23:50 GMT

POST
H2 204 dT5GKXgdJyAaGDBCHxg7Aj49NAUPMiBoAxIyIB1qPBoRZHR6RURqdW4DHD1xeVUGLS08BgZkeHpVHDcqJ05EYX9uBUhoYntHW2h8ZkdTLTwpFEhoajgHATVxeUZCb3V6SkxsfX9ERA
distoryrussion.info/c3VZTEhcSjo/ 0
57 B 99ms
98ms Other
text/plain 54.210.152.70
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://distoryrussion.info/c3VZTEhcSjo/dT5GKXgdJyAaGDBCHxg7Aj49NAUPMiBoAxIyIB1qPBoRZHR6RURqdW4DHD1xeVUGLS08BgZkeHpVHDcqJ05EYX9uBUhoYntHW2h8ZkdTLTwpFEhoajgHATVxeUZCb3V6SkxsfX9ERA
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=826139
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.152.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-152-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
access-control-allow-origin: *
date: Sat, 21 Dec 2019 12:05:51 GMT

GET
H2 200 /
6.adsco.re/ 0
241 B 38ms
35ms Other
text/plain 2606:4700::6811:a6ba
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: br
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
status: 200
access-control-max-age: 2592000
cache-control: max-age=600,public,immutable
cf-ray: 5489ba06de3f5a00-VIE
access-control-allow-headers: Content-Type

POST
H/1.1 401 t Show response
adsco.re/ 67 B
399 B 108ms
33ms XHR
application/json 162.252.214.5
Total Uptime Tech...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/t
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software: /
Resource Hash: d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

Date: Sat, 21 Dec 2019 12:05:51 GMT
Access-Control-Max-Age: 2592000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://amazonspinandwin.qaafira.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 / Show response
6.adsco.re/ 53 B
433 B 61ms
18ms XHR
text/plain 2606:4700::6811:a6ba
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

date: Sat, 21 Dec 2019 12:05:51 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://amazonspinandwin.qaafira.com
access-control-max-age: 2592000
cache-control: max-age=600,public,immutable
cf-ray: 5489ba07dbb1cbc4-VIE
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 200
OK / Show response
zjwesu29zsc4.l.adsco.re/ 0
464 B 81ms
21ms XHR
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://zjwesu29zsc4.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

Date: Sat, 21 Dec 2019 12:05:51 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
zjwesu29zsc4.n.adsco.re/ 0
464 B 368ms
90ms XHR
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://zjwesu29zsc4.n.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

Date: Sat, 21 Dec 2019 12:05:52 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
zjwesu29zsc4.s.adsco.re/ 0
464 B 728ms
190ms XHR
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://zjwesu29zsc4.s.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

Date: Sat, 21 Dec 2019 12:05:52 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 /
c.adsco.re/ Frame EF1A 0
0 43ms
42ms Document
text/html 2606:4700::6811:a6ba
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://amazonspinandwin.qaafira.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/

Response headers

status: 200
date: Sat, 21 Dec 2019 12:05:52 GMT
content-type: text/html
cache-control: max-age=43200,public,immutable,no-transform
link: <//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
expires: Sun, 24 Nov 2019 11:23:50 GMT
etag: "a73Qdnp6tbMta3RY0Wgotw=="
content-encoding: gzip
cf-cache-status: HIT
age: 2378522
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
cf-ray: 5489ba084f3a5a00-VIE

POST
H/1.1 200
OK p Show response
adsco.re/ 259 B
782 B 49ms
49ms XHR
text/html 162.252.214.5
Total Uptime Tech...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software: /
Resource Hash: f85caa04b81056ab8e6da4a11700bdd64b1e15f70d16894a12ef6f245ec2e892

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

AS-P-G: OK
Date: Sat, 21 Dec 2019 12:05:52 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://amazonspinandwin.qaafira.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK c Show response
serve.popads.net/ 0
202 B 177ms
120ms Script
text/html 216.21.13.10
Total Uptime Tech...

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.popads.net/c?_=BAoAXf4KoAFd_gqggAGBAcAAIN-RdDbmNoQvVRvfZ1zZoC20nx0c95FtroFvGU7WBjeawQAg15OlHWK_ISOqBJ6OO1SumTldBr6b7cOEPazg9hqHlnzCACBoovgODCNI9GwLV4rmbtFva4XRmkIwNjb-Pna2BGwOHMQAECoBBPgBklQUAAAAAAAAAALFABAWEG_s5XQoZzM0JXGkyabIwwAgUCd3L5s-D0k75Yv6v1oGjwF2vx5uKxGd_SyX0EsmtBc&v=4&siteId=3758370&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by: Host: c1.popads.net
URL: https://c1.popads.net/pop.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 216.21.13.10 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://amazonspinandwin.qaafira.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 21 Dec 2019 12:05:52 GMT
PopAds-EC: ASB
Connection: Keep-Alive
Content-Length: 0
PopAds-CI: 92
Content-Type: text/html; charset=UTF-8

GET
H2 200 p Show response
stwilliongorgeti.info/ 26 B
383 B 237ms
192ms XHR
text/plain 104.18.21.150
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://stwilliongorgeti.info/p?b=210248344324&c=77683435
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=826139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.150 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7d5cdd9ad8ec6a8e4c16d82d60a279aa1339344df437e70ef6dbde9f12cb1a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://amazonspinandwin.qaafira.com/
Origin: https://amazonspinandwin.qaafira.com

Response headers

date: Sat, 21 Dec 2019 12:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cf-ray: 5489ba124cdc9d36-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/css/tabs-1.css

Domain: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/css/tabs-1.css

Domain: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/css/tabs-1.css

Domain: amazonspinandwin.qaafira.com
URL: https://amazonspinandwin.qaafira.com/css/tabs-1.css

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amazonspinandwin.qaafira.com/	1970-01-19 06:02:35	Name: a Value: BfiBxEzFL4Dok7oUvbQWf5SGcFTV3IQc
			amazonspinandwin.qaafira.com/	1969-12-31 23:59:59	Name: rhid_c Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c.adsco.re/(Line 13) Message:
console-api	log	URL: https://c1.popads.net/pop.js(Line 44) Message: CI BAoAXf4KoAFd_gqggAGBAcAAIN-RdDbmNoQvVRvfZ1zZoC20nx0c95FtroFvGU7WBjeawQAg15OlHWK_ISOqBJ6OO1SumTldBr6b7cOEPazg9hqHlnzCACBoovgODCNI9GwLV4rmbtFva4XRmkIwNjb-Pna2BGwOHMQAECoBBPgBklQUAAAAAAAAAALFABAWEG_s5XQoZzM0JXGkyabIwwAgUCd3L5s-D0k75Yv6v1oGjwF2vx5uKxGd_SyX0EsmtBc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
6.adsco.re
adsco.re
ajax.googleapis.com
amazonspinandwin.qaafira.com
c.adsco.re
c1.popads.net
dc5k8fg5ioc8s.cloudfront.net
distoryrussion.info
i.imgur.com
image.ibb.co
mybestdc.com
p376822.clksite.com
p376822.mycdn.co
secure.adnxs.com
serve.popads.net
stwilliongorgeti.info
zjwesu29zsc4.l.adsco.re
zjwesu29zsc4.n.adsco.re
zjwesu29zsc4.s.adsco.re
amazonspinandwin.qaafira.com
104.18.21.150
151.101.112.193
162.252.214.5
173.192.101.24
185.200.116.90
185.200.118.90
185.33.223.80
195.181.175.7
216.21.13.10
2600:9000:2057:5000:1a:a6:7f00:21
2606:4700::6811:a6ba
2a00:1450:4001:819::2013
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::200a
38.132.109.186
51.15.77.27
54.210.152.70
94.31.29.128
00e98781c3b6cbe28f9e077357617f1ac79a2841d4b89b7de3f56a0fbb7eb57b
03438aa5abe5f685d4fa633fa2119321c26db9a7e7526f4855111b0d39d87319
045ae2171eeed0c2b6c6bdfb4ed361eb8bc69bea8b93ef7622505b7a85bba93b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
11bf548c41493005c6201d53cfa0ed3e3f77b04dadafc8ec2d7f665c8a2a9731
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
18d7e20b4a36c1a10a659181eb5b8d8a461d078a46350ac534ac6183444aa82a
3b7d5cdd9ad8ec6a8e4c16d82d60a279aa1339344df437e70ef6dbde9f12cb1a
47b58b4e11eb50ce29cd154a3a4363b06375f3ac59644494f6cbbc2d455738ac
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
53cbba071500fbff02fc5c7cd8283002241d81f08e30bce388bd059ceab246ab
5e48605dc57bfb041fe1f68d9e652ad884659a7ffe313ad36245b9e66a222909
5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c
67d986f0742b349ea2ecef81c55262c31ff3c8844d789bbc5ded3c6971d3f858
6c9b0d23329fa987e7fcca84960a91b5b4e71f8802fd65c30e2f31857de5d688
6d48826668dfe9bd4982ea0ac99b1a918899f88f67d5a53de09d3d88fec63f41
767df2e40c3430245ff7aaf77e27f2e243861b07be8cdc7bebae02f0529a3874
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833af367d560ede5038a762f3df07a129b1495142ddeeee3ef01ea34543e67ab
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
8c05efae576b174dfd1e6b54a3d6cd286431d4f492f931d67817554af82c4669
9efe7d99c3e0c64ac6110538e24e2fb4b5ba1060df42ec5ac68347bc237cb9ae
a5360879e687ceb367b22372bfb64a00bcb5f24ba0e635b9472b225258a81f8e
ae70478e4a35155b11cf3da617b8abe1747b1ef5585673ddfb56bff8d090e4c4
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154
c65c820eaee76d8f4e87d375152b7b7995d6356117ddd27b31a68f57ffffe181
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d
d0e6d6b1c93d3983f72f23526b93196ccb4bcb4c90d84febae770a1da407d723
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67
d30c6bddf529dfc09be179687ec4291745a1078d18ae837b088e1c6c476781a1
d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26
df9c48132cfbd14e947f19bf7428f9728fd21169d76acc35658b4618ca0c788b
e02f7c2d7bed2b198eb68d0ac4fb008153292b2feecafd42123dff70a84cf297
e03b2f0212e101deb78b11e0cb84c3e1f7e7a2e2436da7873d19c01db1049896
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ecb5835f32db63c1f86f72753c4f3054336b2388ef9add82b35abbb7ccc630
f23ac87798b30302961aa12587b5c581bd85f6c341437505917e3fd69848c388
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
f85caa04b81056ab8e6da4a11700bdd64b1e15f70d16894a12ef6f245ec2e892
fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c

amazonspinandwin.qaafira.com Open in urlscan Pro 2a00:1450:4001:819::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

28 %IPv6

14 Domains

20 Subdomains

18 IPs

5 Countries

529 kBTransfer

909 kBSize

2 Cookies

3 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

amazonspinandwin.qaafira.com Open in urlscan Pro
2a00:1450:4001:819::2013 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

28 %
IPv6

14
Domains

20
Subdomains

18
IPs

5
Countries

529 kB
Transfer

909 kB
Size

2
Cookies

63 HTTP transactions
1 data transactions