gaming.gstorehub.com Open in urlscan Pro
52.209.170.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tkyncp.cn/wSqz2ojG/dbs-wa
Effective URL:
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=7298...
Submission: On October 02 via api (October 2nd 2021, 2:45:23 pm UTC) from SG — Scanned from DE

Summary HTTP 26 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 26 HTTP transactions. The main IP is 52.209.170.93, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is gaming.gstorehub.com.
TLS certificate: Issued by Amazon on April 15th 2021. Valid for: a year.

This is the only time gaming.gstorehub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.188.239 172.67.188.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.66.201.59 185.66.201.59	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
1	18.156.93.177 18.156.93.177	16509 (AMAZON-02) (AMAZON-02)
1	18.158.88.249 18.158.88.249	16509 (AMAZON-02) (AMAZON-02)
1	172.67.200.174 172.67.200.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.32.252.129 212.32.252.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	52.209.170.93 52.209.170.93	16509 (AMAZON-02) (AMAZON-02)
1 1	91.198.93.41 91.198.93.41	201951 (DIMOCO-AS) (DIMOCO-AS)
1	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
1	216.58.212.164 216.58.212.164	15169 (GOOGLE) (GOOGLE)
7	52.222.214.32 52.222.214.32	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
3	34.250.37.253 34.250.37.253	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
26	13

1 172.67.188.239 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tkyncp.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.59 (Komárno, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.59.skhosting.eu

benfly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.93.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-93-177.eu-central-1.compute.amazonaws.com

adjuringdraphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.88.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com

frookshop-winsive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.200.174 (United States)

ASN13335 (CLOUDFLARENET, US)

gemadspoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.129 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go.rolltrafficroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.170.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-170-93.eu-west-1.compute.amazonaws.com

gaming.gstorehub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.93.41 (Brunn am Gebirge, Austria) 1 redirects

ASN201951 (DIMOCO-AS, AT)
PTR: services.dimoco.at

services.dimoco.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.164 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.222.214.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-32.fra56.r.cloudfront.net

cloudfront.advicator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.37.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-37-253.eu-west-1.compute.amazonaws.com

portal.advicator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	advicator.com cloudfront.advicator.com portal.advicator.com	1 MB
3	google-analytics.com www.google-analytics.com	39 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	gstorehub.com 1 redirects gaming.gstorehub.com	5 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	google.com www.google.com	522 B
1	doubleclick.net stats.g.doubleclick.net	410 B
1	dimoco.at 1 redirects services.dimoco.at	325 B
1	rolltrafficroll.com 1 redirects go.rolltrafficroll.com	311 B
1	gemadspoint.com gemadspoint.com Failed	2 KB
1	frookshop-winsive.com frookshop-winsive.com Failed	795 B
1	adjuringdraphy.com adjuringdraphy.com	2 KB
1	benfly.net benfly.net	969 B
1	tkyncp.cn 1 redirects www.tkyncp.cn	719 B
26	14

	Domain	Requested by
7	cloudfront.advicator.com	gaming.gstorehub.com cloudfront.advicator.com
3	portal.advicator.com	gaming.gstorehub.com
3	www.google-analytics.com	benfly.net www.google-analytics.com gemadspoint.com
2	fonts.googleapis.com	gaming.gstorehub.com
2	gaming.gstorehub.com	1 redirects gemadspoint.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	services.dimoco.at	1 redirects
1	go.rolltrafficroll.com	1 redirects
1	gemadspoint.com	frookshop-winsive.com
1	frookshop-winsive.com	adjuringdraphy.com
1	adjuringdraphy.com	benfly.net
1	benfly.net
1	www.tkyncp.cn	1 redirects
26	15

This site contains links to these domains. Also see Links.

Domain
emobi-content.s3-eu-west-1.amazonaws.com
mobileinfo.biz

Subject Issuer	Validity	Valid
benfly.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
adjuringdraphy.com R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
frookshop-winsive.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
gaming.gstorehub.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
cloudfront.advicator.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
admin.advicator.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
Frame ID: B3A558DDECD20C3D94BB6B58D5AF33D3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Content Download

Page URL History Show full URLs

http://www.tkyncp.cn/wSqz2ojG/dbs-wa HTTP 302
https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami Page URL
https://adjuringdraphy.com/4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b?c2=26233199&c1=affC1633185918aff2b4f3bb... Page URL
https://frookshop-winsive.com/redirect?target=BASE64aHR0cHM6Ly9nZW1hZHNwb2ludC5jb20vY2xrL1YyOUdSM1ZrVWpWdU... Page URL
https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6n... Page URL
https://go.rolltrafficroll.com/click?pid=1565&offer_id=66332&sub1=20100281_21_2_32cd_6b9ece_a1f_80_6158707e... HTTP 302
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_i... HTTP 302
http://services.dimoco.at/dcb-r/redirect?session_id=R-p-91f2ff31-5016-4e8f-97f8-e6a1cb5e4d27&rp=52b992... HTTP 303
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_i... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

88 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

1363 kB
Transfer

1761 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://emobi-content.s3-eu-west-1.amazonaws.com/Mobvilla/GM-T%26C/Allgemeine+Gesch%C3%A4ftsbedingungen+-+GoMobee.pdf
Title: AGB

Search URL Search Domain Scan URL

URL: https://emobi-content.s3-eu-west-1.amazonaws.com/Mobvilla/GM-T%26C/Widerrufsbehlerung+-+GoMobee.pdf
Title: Widerruf

Search URL Search Domain Scan URL

URL: https://emobi-content.s3-eu-west-1.amazonaws.com/Mobvilla/GM-T%26C/Impressum+-+GoMobee.pdf
Title: Impressum

Search URL Search Domain Scan URL

URL: https://emobi-content.s3-eu-west-1.amazonaws.com/Mobvilla/GM-T%26C/Hilfe+-+GoMobee.pdf
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://mobileinfo.biz/
Title: Kündigung

Search URL Search Domain Scan URL

URL: https://emobi-content.s3-eu-west-1.amazonaws.com/Mobvilla/GM-T%26C/Datenschutzhinweise+-+GoMobee.pdf
Title: Datenshutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tkyncp.cn/wSqz2ojG/dbs-wa HTTP 302
https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami Page URL
https://adjuringdraphy.com/4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b?c2=26233199&c1=affC1633185918aff2b4f3bbb3101a091a321 Page URL
https://frookshop-winsive.com/redirect?target=BASE64aHR0cHM6Ly9nZW1hZHNwb2ludC5jb20vY2xrL1YyOUdSM1ZrVWpWdU9GcEdlWGR4UlRKS2JUQkpha3czYTFOTlZ5OVRkVGg1YTFoamJrWTRXVkJ4WnowP3VjPXcxcHVyOWs2bmU3YmZldGFpcDdibGc2aw&ts=1633185918164&hash=tClgsWlVJ3GciSntNPeFlnVYLSfI5ya9WUUNML2ycWc&rm=DJ Page URL
https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k Page URL
https://go.rolltrafficroll.com/click?pid=1565&offer_id=66332&sub1=20100281_21_2_32cd_6b9ece_a1f_80_6158707e_d883722b_0_0_0_64_64_0_2_2_0_0&sub5=32cd HTTP 302
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd HTTP 302
http://services.dimoco.at/dcb-r/redirect?session_id=R-p-91f2ff31-5016-4e8f-97f8-e6a1cb5e4d27&rp=52b992c5-45aa-418c-92a1-d52af47001f0&post_data=true HTTP 303
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.tkyncp.cn/wSqz2ojG/dbs-wa HTTP 302
https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
benfly.net/e8ff0088ab/1c337ce436/
Redirect Chain

http://www.tkyncp.cn/wSqz2ojG/dbs-wa
https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami

887 B
969 B

122ms
73ms

Document
text/html

185.66.201.59
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.59 Komárno, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.59.skhosting.eu
Software: nginx /
Resource Hash: 9314cb4f36099e18fe6d7ea79ade14e0aaec34aec3c057248e87caefa7f733de

Request headers

:method: GET
:authority: benfly.net
:scheme: https
:path: /e8ff0088ab/1c337ce436/?placementName=jiami
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 02 Oct 2021 14:45:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2591707=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_c_39676=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br

Redirect headers

Date: Sat, 02 Oct 2021 14:45:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzaLafmRbPGVJNtoPZscgcHQwcv%2FOJ3ywsMa9K60pkDrrgjyNlEb70dEicSy%2FHmwHZLv51B7OetilHDP1rYkxW92N3HyDutsmvy7kmNB6aJ8i8nRVXfVOmGyx6iHVvXL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 697eb6b2ff815bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 analytics.js
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: benfly.net
URL: https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://benfly.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6798
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

GET
H/1.1 200 Cookie set 4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b Show response
adjuringdraphy.com/ 856 B
2 KB 45ms
11ms Document
text/html 18.156.93.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adjuringdraphy.com/4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b?c2=26233199&c1=affC1633185918aff2b4f3bbb3101a091a321
Requested by: Host: benfly.net
URL: https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.93.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-93-177.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b2e8eb277fedaa7ce787e5a02fbf6c9be9036abab2d577d8fcccfc8e21d6491e

Request headers

Host: adjuringdraphy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://benfly.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://benfly.net/

Response headers

Server: nginx
Date: Sat, 02 Oct 2021 14:45:18 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 856
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b-v4=zAy4E8hrQAWfJ65P4pa-aSNSECI_KeuNyXCyQcSZxLE; Max-Age=86400; Expires=Sun, 03-Oct-2021 14:45:18 GMT; Domain=adjuringdraphy.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=NwUVX3881nkzazfFtcN1TlGoeBak2PI5y7CrqRyyAKhyjYhc29bveqBHkBAIgSt%2B4DhaKWgtmnqhfxG%2FOxDrg7EsIwvvizE2CUw1Kw9QW0OFjeMwmZyVTurrXHIQbDP6r6GOMaHnP5cj2uYoINmG2g%3D%3D; Max-Age=31536000; Expires=Sun, 02-Oct-2022 14:45:18 GMT; Domain=adjuringdraphy.com; Path=/; Secure; HttpOnly;SameSite=None

POST collect
www.google-analytics.com/j/ 0
0

GET redirect
frookshop-winsive.com/ 0
0

GET
H/1.1 200 redirect Show response
frookshop-winsive.com/ 522 B
795 B 34ms
9ms Document
text/html 18.158.88.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frookshop-winsive.com/redirect?target=BASE64aHR0cHM6Ly9nZW1hZHNwb2ludC5jb20vY2xrL1YyOUdSM1ZrVWpWdU9GcEdlWGR4UlRKS2JUQkpha3czYTFOTlZ5OVRkVGg1YTFoamJrWTRXVkJ4WnowP3VjPXcxcHVyOWs2bmU3YmZldGFpcDdibGc2aw&ts=1633185918164&hash=tClgsWlVJ3GciSntNPeFlnVYLSfI5ya9WUUNML2ycWc&rm=DJ
Requested by: Host: adjuringdraphy.com
URL: https://adjuringdraphy.com/4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b?c2=26233199&c1=affC1633185918aff2b4f3bbb3101a091a321
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.88.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8e3011cb75380aa5ea87b61163614a904bbbcf5e8a4c9bbb4471c53f35059d75

Request headers

Host: frookshop-winsive.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://adjuringdraphy.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adjuringdraphy.com/

Response headers

Server: nginx
Date: Sat, 02 Oct 2021 14:45:18 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 522
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0
gemadspoint.com/clk/ 0
0

GET
H2 200 V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0 Show response
gemadspoint.com/clk/ 1 KB
2 KB 164ms
124ms Document
text/html 172.67.200.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k
Requested by: Host: frookshop-winsive.com
URL: https://frookshop-winsive.com/redirect?target=BASE64aHR0cHM6Ly9nZW1hZHNwb2ludC5jb20vY2xrL1YyOUdSM1ZrVWpWdU9GcEdlWGR4UlRKS2JUQkpha3czYTFOTlZ5OVRkVGg1YTFoamJrWTRXVkJ4WnowP3VjPXcxcHVyOWs2bmU3YmZldGFpcDdibGc2aw&ts=1633185918164&hash=tClgsWlVJ3GciSntNPeFlnVYLSfI5ya9WUUNML2ycWc&rm=DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.200.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efcfb11d1508bfcf2da40ce5a971b704e2f799f27f92d41399bac3e2e5449e11

Request headers

:method: GET
:authority: gemadspoint.com
:scheme: https
:path: /clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://frookshop-winsive.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://frookshop-winsive.com/

Response headers

date: Sat, 02 Oct 2021 14:45:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: GEO_8899b54e4af054d6a537015f3ec5f7cdd8f1368e=6b9ece; expires=Sat, 02-Oct-2021 15:45:18 GMT; Max-Age=3600 msv-32cd-6b9ece-0-50-2-0=3632493099; expires=Sun, 03-Oct-2021 14:45:18 GMT; Max-Age=86400 click-29d-6b9ece=20100281_21_2_32cd_6b9ece_a1f_80_6158707e_d883722b_0_0_0_64_64_0_2_2_0_0; expires=Thu, 31-Mar-2022 14:45:18 GMT; Max-Age=15552000; path=/conversion
charset: UTF-8
content-encoding: UTF-8
p3p: CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma: no-cache
cache-control: no-cache no-cache, must-revalidate, max-age=0
x-robots-tag: noindex, nofollow, nocache, noarchive
googlebot: noindex, nofollow, nocache, noarchive
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i2FctzG6tN8lYkkDKFbSyNwu0YtoZ%2FTncPQMRKco6Ju6rAtFLStAukH4SPcVRQ97SX93g5jIQDybAxnDBU4EqeeGs1YXDd4cuyWHlXhaDAaTIgMf%2BuKMgZvskuZ52T1haM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697eb6b54c1b4131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 analytics.js
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gemadspoint.com
URL: https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemadspoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6798
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

GET
H2

200

Primary Request 65uqh3ed Show response
gaming.gstorehub.com/
Redirect Chain

https://go.rolltrafficroll.com/click?pid=1565&offer_id=66332&sub1=20100281_21_2_32cd_6b9ece_a1f_80_6158707e_d883722b_0_0_0_64_64_0_2_2_0_0&sub5=32cd
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd
http://services.dimoco.at/dcb-r/redirect?session_id=R-p-91f2ff31-5016-4e8f-97f8-e6a1cb5e4d27&rp=52b992c5-45aa-418c-92a1-d52af47001f0&post_data=true
https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

21 KB
5 KB

120ms
120ms

Document
text/html

52.209.170.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

Requested by

Host: gemadspoint.com
URL: https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.170.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-170-93.eu-west-1.compute.amazonaws.com

Software

Resource Hash

65bac3cb5057149ff334d7fed9c085c628c332c1474eb13c44e757990da7d185

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: gaming.gstorehub.com
:scheme: https
:path: /65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: sessionId=s%3AZtLez0drmbA_tYsd5NIu9I26RCIShKYF.I9lUp6yit5iBxa1XPjuid6ByNa7nYH%2B95VrmPxauiWE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k

Response headers

date: Sat, 02 Oct 2021 14:45:19 GMT
content-type: text/html; charset=utf-8
content-length: 4451
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
x-pecots-licence: VALID LICENCE - EXPIRES 2022-10-02 12:40:38
vary: Accept-Encoding
content-encoding: br
etag: W/"1163-wTue7+R2w3kHycafRt0tKd9UAes"
set-cookie: sessionId=s%3AZtLez0drmbA_tYsd5NIu9I26RCIShKYF.I9lUp6yit5iBxa1XPjuid6ByNa7nYH%2B95VrmPxauiWE; Path=/; Expires=Mon, 01 Nov 2021 14:45:19 GMT; HttpOnly; SameSite=Lax

Redirect headers

Location: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
content-length: 0
Set-Cookie: TS013ec6d1=019fdf5f8b744c63cffb98b6d75226d04614a986a9a3cc36fa996845611f56666f2bde37e561b2722ef03b7f48f6b9b84d63f2928d; Path=/

POST
H3 200 collect
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1246548766&t=pageview&_s=1&dl=https%3A%2F%2Fgemadspoint.com%2Fclk%2FV29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0%3Fuc%3Dw1pur9k6ne7bfetaip7blg6k&dr=https%3A%2F%2Ffrookshop-winsive.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1420707638&gjid=825383263&cid=1151568533.1633185918&tid=UA-1672790-14&_gid=26815525.1633185918&_r=1&_slc=1&z=668214671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gemadspoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 14:45:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gemadspoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 2 B
410 B 47ms
17ms XHR
text/plain 74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1672790-14&cid=1151568533.1633185918&jid=1420707638&gjid=825383263&_gid=26815525.1633185918&_u=IEBAAEAAAAAAAC~&z=642539911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gemadspoint.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 02 Oct 2021 14:45:18 GMT
content-type: text/plain
access-control-allow-origin: https://gemadspoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 40ms
17ms Image
image/gif 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1672790-14&cid=1151568533.1633185918&jid=1420707638&_u=IEBAAEAAAAAAAC~&z=1989127107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.164 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f4.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemadspoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 14:45:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animate.css
cloudfront.advicator.com/template_assets/animate.css/ 74 KB
5 KB 94ms
7ms Stylesheet
text/css 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.advicator.com/template_assets/animate.css/animate.css
Requested by: Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 02:05:40 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 09:48:46 GMT
server: AmazonS3
age: 45580
etag: W/"1aaa8beecce19062646761f002462694"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: IdypLXh-ENWEUl8xNkt2eOe1WSxH7BhMtWDbmm7JwAmrYVal6pz5Aw==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 40ms
17ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=swap

Requested by

Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:59:51 GMT
server: ESF
date: Sat, 02 Oct 2021 14:45:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 14:45:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
797 B 40ms
18ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;600;700&display=swap

Requested by

Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

e01c05e805b837c7602f5e832a010dbd66023ba459e9d28c268f96f7979c8dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 14:26:11 GMT
server: ESF
date: Sat, 02 Oct 2021 14:45:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 14:45:19 GMT

GET
H2 200 jquery.min.js Show response
cloudfront.advicator.com/template_assets/jquery/ 84 KB
30 KB 94ms
8ms Script
application/javascript 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.advicator.com/template_assets/jquery/jquery.min.js
Requested by: Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 06:08:13 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 09:48:45 GMT
server: AmazonS3
age: 31027
etag: W/"710458dd559c957714ac4a8e95357eb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: A5tfVS0wVepdXOw2N2IXkyKh6iJ4i53OtiEhKYeKCGair4YrCkxVAQ==

GET
H/1.1 200
OK undefined_1616765888.png
portal.advicator.com/media/34/ 15 KB
15 KB 151ms
64ms Image
image/webp 34.250.37.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.advicator.com/media/34/undefined_1616765888.png

Requested by

Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

34.250.37.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-37-253.eu-west-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8997f83efc153ebeb33262e30bff46ecfbe4f7a1d5b16cefe2dc7ff6e6665e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 14:45:19 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 14880
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.14.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"3a20-LglHo7j6PO8OpXEkeAYvoma+gts"
Expect-CT: max-age=0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Cache-Control: public, max-age=8640000
Content-Type: image/webp

GET
H2 200 intlTelInput.css
cloudfront.advicator.com/template_assets/intl-tel/css/ 28 KB
4 KB 7ms
7ms Stylesheet
text/css 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.advicator.com/template_assets/intl-tel/css/intlTelInput.css
Requested by: Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb56c2adb766c4a4a6e3964cfdc28fbe7a5999e7eb6dccf0013b482aa1a58a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 05:55:49 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 09:48:48 GMT
server: AmazonS3
age: 31771
etag: W/"a30aa30db3596fa48cb221f3f2c96ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Gg3u_OgAuNElK2hV6Gw2gpAN5_WgNEhzPnxKtgU5VWkiqruaSfV-Fg==

GET
H2 200 intlTelInput.min.js Show response
cloudfront.advicator.com/template_assets/intl-tel/js/ 22 KB
9 KB 7ms
7ms Script
application/javascript 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.advicator.com/template_assets/intl-tel/js/intlTelInput.min.js
Requested by: Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bb4291aac5afdf09e0b48c1afcdc6a9758a27ea01b84bc081ba045f379ddbd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 00:41:55 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 09:48:49 GMT
server: AmazonS3
age: 50605
etag: W/"917413898e3b8eb2fa6816e7ec2a21e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: _EG5xqpaLeXBVAadtDov0ge3fxBFTsIHBq_WAP_bBUiyjQmvndS77Q==

GET
H/1.1 200
OK undefined_1616770099.png
portal.advicator.com/media/34/ 10 KB
11 KB 122ms
42ms Image
image/webp 34.250.37.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.advicator.com/media/34/undefined_1616770099.png

Requested by

Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

34.250.37.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-37-253.eu-west-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

780bbaeff2cf55d96ba9725b8e79108d90b943e88c28d3f1899e81afc9174d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 14:45:19 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 10384
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.14.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"2890-z3+w35RXz8R+Qr9FRqR3hxsOHAM"
Expect-CT: max-age=0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Cache-Control: public, max-age=8640000
Content-Type: image/webp

GET
H/1.1 200
OK undefined_1617874954.png
portal.advicator.com/media/36/ 11 KB
12 KB 144ms
64ms Image
image/webp 34.250.37.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.advicator.com/media/36/undefined_1617874954.png

Requested by

Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

34.250.37.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-37-253.eu-west-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

91fbecd4a31ea3de32a4c56050582d7af77ea0e29bb9443d572a8ff17b5e25be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 14:45:19 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 11647
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.14.0 (Ubuntu)
X-Frame-Options: SAMEORIGIN
ETag: W/"2d7f-7NX2ugSh9PKrGf9nE9ccxrJsxz4"
Expect-CT: max-age=0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Cache-Control: public, max-age=8640000
Content-Type: image/webp

GET
H2 200 undefined_1617869842.png
cloudfront.advicator.com/media/36/ 1 MB
1 MB 8ms
8ms Image
image/png 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront.advicator.com/media/36/undefined_1617869842.png
Requested by: Host: gaming.gstorehub.com
URL: https://gaming.gstorehub.com/65uqh3ed?click_id=6158707ee98e9300017bca38&source=f7m73bca&pub_id=1565&sub_id=32cd&advph_id=72989568
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 836c9173275984ef5c80b8acfe526d233b757fa8900409f835c4537cd3f202b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gaming.gstorehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 16:27:37 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
last-modified: Thu, 08 Apr 2021 08:17:23 GMT
server: AmazonS3
age: 80263
etag: "06f41d2d40d3c33fcdfa526eb2e211ec"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 1090336
x-amz-cf-id: PEzjlLgY819XRx0-isiVTJfzHOA5zGJF_r4-aiTBtXr6H6LKIfL4eA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 27ms
6ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaming.gstorehub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 164448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 17:04:31 GMT

GET
H2 200 utils.js Show response
cloudfront.advicator.com/template_assets/intl-tel/js/ 212 KB
50 KB 27ms
27ms Script
application/javascript 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfront.advicator.com/template_assets/intl-tel/js/utils.js
Requested by: Host: cloudfront.advicator.com
URL: https://cloudfront.advicator.com/template_assets/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa3b07ab9c6d02f1a32c61e9cb4a90d90357bcbef03fb09554dbcc2d362d0f02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:09:32 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 09:48:49 GMT
server: AmazonS3
age: 77758
etag: W/"9b22124a7bec94f1ab5563ab07c804ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: vsVTZU3fAbkZ4J_D9sfZ8kQzlg3N7XS-31oonhyWLkE9K-cFW3hKMQ==

GET
H2 200 flags.png
cloudfront.advicator.com/template_assets/intl-tel/img/ 64 KB
65 KB 16ms
16ms Image
image/png 52.222.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront.advicator.com/template_assets/intl-tel/img/flags.png
Requested by: Host: cloudfront.advicator.com
URL: https://cloudfront.advicator.com/template_assets/intl-tel/css/intlTelInput.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cloudfront.advicator.com/template_assets/intl-tel/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 04:09:05 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
last-modified: Fri, 08 Feb 2019 09:48:49 GMT
server: AmazonS3
age: 39751
etag: "ae33acae404631e997ef8d91dae08ccd"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 65960
x-amz-cf-id: W-WNP9kYnRX5HAMD-tdGyZNG1ke1KGo5K5pW8CR_cIJe3afL1MKTKA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j93&a=22583691&t=pageview&_s=1&dl=https%3A%2F%2Fbenfly.net%2Fe8ff0088ab%2F1c337ce436%2F%3FplacementName%3Djiami&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1752246707&gjid=1017412523&cid=2054960138.1633185918&tid=UA-68398243-1&_gid=1049654500.1633185918&_r=1&_slc=1&z=1261310090

Domain: frookshop-winsive.com
URL: https://frookshop-winsive.com/redirect?target=BASE64aHR0cHM6Ly9nZW1hZHNwb2ludC5jb20vY2xrL1YyOUdSM1ZrVWpWdU9GcEdlWGR4UlRKS2JUQkpha3czYTFOTlZ5OVRkVGg1YTFoamJrWTRXVkJ4WnowP3VjPXcxcHVyOWs2bmU3YmZldGFpcDdibGc2aw&ts=1633185918164&hash=tClgsWlVJ3GciSntNPeFlnVYLSfI5ya9WUUNML2ycWc&rm=DJ

Domain: gemadspoint.com
URL: https://gemadspoint.com/clk/V29GR3VkUjVuOFpGeXdxRTJKbTBJakw3a1NNVy9TdTh5a1hjbkY4WVBxZz0?uc=w1pur9k6ne7bfetaip7blg6k

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gemadspoint.com/conversion	1970-01-20 01:58:57	Name: click-29d-6b9ece Value: 20100281_21_2_32cd_6b9ece_a1f_80_6158707e_d883722b_0_0_0_64_64_0_2_2_0_0
gemadspoint.com/clk	1970-01-19 21:39:49	Name: GEO_8899b54e4af054d6a537015f3ec5f7cdd8f1368e Value: 6b9ece
gemadspoint.com/clk	1970-01-19 21:41:12	Name: msv-32cd-6b9ece-0-50-2-0 Value: 3632493099
.benfly.net/	1970-01-20 15:10:57	Name: _ga Value: GA1.2.2054960138.1633185918
.benfly.net/	1970-01-19 21:41:12	Name: _gid Value: GA1.2.1049654500.1633185918
.benfly.net/	1970-01-19 21:39:45	Name: _gat Value: 1
.adjuringdraphy.com/	1970-01-19 21:41:12	Name: 4f0b8c41-11ac-46ce-9cbf-d1d2d63f393b-v4 Value: zAy4E8hrQAWfJ65P4pa-aSNSECI_KeuNyXCyQcSZxLE
.adjuringdraphy.com/	1970-01-20 06:25:21	Name: cc-v4 Value: NwUVX3881nkzazfFtcN1TlGoeBak2PI5y7CrqRyyAKhyjYhc29bveqBHkBAIgSt%2B4DhaKWgtmnqhfxG%2FOxDrg7EsIwvvizE2CUw1Kw9QW0OFjeMwmZyVTurrXHIQbDP6r6GOMaHnP5cj2uYoINmG2g%3D%3D
.gemadspoint.com/	1970-01-20 15:10:57	Name: _ga Value: GA1.2.1151568533.1633185918
.gemadspoint.com/	1970-01-19 21:41:12	Name: _gid Value: GA1.2.26815525.1633185918
.gemadspoint.com/	1970-01-19 21:39:45	Name: _gat Value: 1
go.rolltrafficroll.com/	1970-01-20 06:25:21	Name: afclick Value: 6158707ee98e9300017bca38
go.rolltrafficroll.com/	1970-01-20 06:25:21	Name: afoffers Value: {"66332":1633185918}
gaming.gstorehub.com/	1970-01-19 22:22:57	Name: sessionId Value: s%3AZtLez0drmbA_tYsd5NIu9I26RCIShKYF.I9lUp6yit5iBxa1XPjuid6ByNa7nYH%2B95VrmPxauiWE
services.dimoco.at/	1969-12-31 23:59:59	Name: TS013ec6d1 Value: 019fdf5f8b744c63cffb98b6d75226d04614a986a9a3cc36fa996845611f56666f2bde37e561b2722ef03b7f48f6b9b84d63f2928d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adjuringdraphy.com
benfly.net
cloudfront.advicator.com
fonts.googleapis.com
fonts.gstatic.com
frookshop-winsive.com
gaming.gstorehub.com
gemadspoint.com
go.rolltrafficroll.com
portal.advicator.com
services.dimoco.at
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.tkyncp.cn
frookshop-winsive.com
gemadspoint.com
www.google-analytics.com
142.250.185.195
142.250.186.46
142.250.186.74
172.67.188.239
172.67.200.174
18.156.93.177
18.158.88.249
185.66.201.59
212.32.252.129
216.58.212.164
34.250.37.253
52.209.170.93
52.222.214.32
74.125.206.156
91.198.93.41
1bb4291aac5afdf09e0b48c1afcdc6a9758a27ea01b84bc081ba045f379ddbd4
213e86422cd9a5571a335fcbfe6222340615bd912b3207f07b07f51865971bf2
38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
65bac3cb5057149ff334d7fed9c085c628c332c1474eb13c44e757990da7d185
780bbaeff2cf55d96ba9725b8e79108d90b943e88c28d3f1899e81afc9174d0e
836c9173275984ef5c80b8acfe526d233b757fa8900409f835c4537cd3f202b5
8997f83efc153ebeb33262e30bff46ecfbe4f7a1d5b16cefe2dc7ff6e6665e66
8e3011cb75380aa5ea87b61163614a904bbbcf5e8a4c9bbb4471c53f35059d75
91fbecd4a31ea3de32a4c56050582d7af77ea0e29bb9443d572a8ff17b5e25be
9314cb4f36099e18fe6d7ea79ade14e0aaec34aec3c057248e87caefa7f733de
aa3b07ab9c6d02f1a32c61e9cb4a90d90357bcbef03fb09554dbcc2d362d0f02
b2e8eb277fedaa7ce787e5a02fbf6c9be9036abab2d577d8fcccfc8e21d6491e
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
e01c05e805b837c7602f5e832a010dbd66023ba459e9d28c268f96f7979c8dce
efcfb11d1508bfcf2da40ce5a971b704e2f799f27f92d41399bac3e2e5449e11
f837e34ead3df38437a99751739937715d9e7af680fd3c15f348227649bedb61
fb56c2adb766c4a4a6e3964cfdc28fbe7a5999e7eb6dccf0013b482aa1a58a5b

gaming.gstorehub.com Open in urlscan Pro 52.209.170.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

88 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

13 IPs

6 Countries

1363 kBTransfer

1761 kBSize

15 Cookies

6 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

15 Cookies

Indicators

gaming.gstorehub.com Open in urlscan Pro
52.209.170.93 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

88 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

1363 kB
Transfer

1761 kB
Size

15
Cookies

26 HTTP transactions
0 data transactions