www.iqplaywin.com Open in urlscan Pro
35.244.205.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://znqroot.com/
Effective URL:
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aa...
Submission: On October 21 via manual (October 21st 2019, 10:50:28 am UTC) from US

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 18 domains to perform 61 HTTP transactions. The main IP is 35.244.205.206, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is www.iqplaywin.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 5th 2019. Valid for: 3 months.

This is the only time www.iqplaywin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.200.138.57 18.200.138.57	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700:30:... 2606:4700:30::681c:5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::6818:659a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	18.195.30.247 18.195.30.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2606:4700:30:... 2606:4700:30::681f:46e4	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	54.200.87.201 54.200.87.201	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
23	35.244.205.206 35.244.205.206	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	35.244.175.13 35.244.175.13	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
61	17

1 18.200.138.57 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-200-138-57.eu-west-1.compute.amazonaws.com

znqroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

p.t67.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:659a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

apidata.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.30.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-30-247.eu-central-1.compute.amazonaws.com

app.logictree.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
citines-boutlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:30::681f:46e4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

secure.soupdog.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.87.201 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-200-87-201.us-west-2.compute.amazonaws.com

www.24t7.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 35.244.205.206 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 206.205.244.35.bc.googleusercontent.com

www.iqplaywin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.175.13 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 13.175.244.35.bc.googleusercontent.com

srv.ibraincollege.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	iqplaywin.com www.iqplaywin.com	1 MB
9	googleapis.com ajax.googleapis.com fonts.googleapis.com	139 KB
6	soupdog.space secure.soupdog.space	54 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	36 KB
2	ibraincollege.com srv.ibraincollege.com	451 B
2	facebook.com www.facebook.com	593 B
2	google-analytics.com www.google-analytics.com	18 KB
2	bing.com bat.bing.com	8 KB
2	facebook.net connect.facebook.net	88 KB
2	logictree.co 1 redirects app.logictree.co	3 KB
2	t67.me p.t67.me	3 KB
1	gstatic.com fonts.gstatic.com	60 KB
1	googletagmanager.com www.googletagmanager.com	22 KB
1	jquery.com code.jquery.com	30 KB
1	24t7.me www.24t7.me Failed	169 B
1	citines-boutlet.com citines-boutlet.com Failed	804 B
1	apidata.info apidata.info	636 B
1	znqroot.com 1 redirects znqroot.com	534 B
61	18

	Domain	Requested by
23	www.iqplaywin.com	citines-boutlet.com www.iqplaywin.com code.jquery.com ajax.googleapis.com
6	secure.soupdog.space	p.t67.me secure.soupdog.space
6	ajax.googleapis.com	p.t67.me secure.soupdog.space www.iqplaywin.com
3	maxcdn.bootstrapcdn.com	www.iqplaywin.com
3	fonts.googleapis.com	www.iqplaywin.com
2	srv.ibraincollege.com	www.iqplaywin.com ajax.googleapis.com
2	www.facebook.com	www.iqplaywin.com
2	www.google-analytics.com	www.googletagmanager.com www.iqplaywin.com
2	bat.bing.com	www.iqplaywin.com
2	connect.facebook.net	www.iqplaywin.com connect.facebook.net
2	app.logictree.co	1 redirects secure.soupdog.space
2	p.t67.me	p.t67.me
1	fonts.gstatic.com	ajax.googleapis.com
1	www.googletagmanager.com	www.iqplaywin.com
1	code.jquery.com	www.iqplaywin.com
1	www.24t7.me
1	citines-boutlet.com	app.logictree.co
1	apidata.info	p.t67.me
1	znqroot.com	1 redirects
61	19

This site contains no links.

Subject Issuer	Validity	Valid
sni45886.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-16` - `2020-03-24`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
sni162576.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-05` - `2020-03-13`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-04-26` - `2020-04-26`	a year	crt.sh
app.logictree.co Sectigo RSA Domain Validation Secure Server CA	`2019-03-13` - `2020-03-12`	a year	crt.sh
citines-boutlet.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-22` - `2020-07-20`	a year	crt.sh
www.iqplaywin.com Let's Encrypt Authority X3	`2019-09-05` - `2019-12-04`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
srv.ibraincollege.com Let's Encrypt Authority X3	`2019-09-07` - `2019-12-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Frame ID: 68F015D3D2FD90AA17A10D3AA7399BD4
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://znqroot.com/ HTTP 302
https://p.t67.me/t/?s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK HTTP 302
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yf... Page URL
https://app.logictree.co/click Page URL
https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2... Page URL
https://www.24t7.me/ln/9tJk8LB4236?clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-... HTTP 302
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
script /angular.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

97 %
HTTPS

72 %
IPv6

18
Domains

19
Subdomains

17
IPs

4
Countries

1703 kB
Transfer

2544 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://znqroot.com/ HTTP 302
https://p.t67.me/t/?s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK HTTP 302
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/click Page URL
https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw&ts=1571655013326&hash=roKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI&rm=DJ Page URL
https://www.24t7.me/ln/9tJk8LB4236?clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_ HTTP 302
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://znqroot.com/ HTTP 302
https://p.t67.me/t/?s6=1&s7=LG&s8=CAK

Request Chain 4

https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK HTTP 302
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
p.t67.me/t/
Redirect Chain

http://znqroot.com/
https://p.t67.me/t/?s6=1&s7=LG&s8=CAK

349 B
441 B

111ms
51ms

Document
text/html

2606:4700:30::681c:5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d

Request headers

:method: GET
:authority: p.t67.me
:scheme: https
:path: /t/?s6=1&s7=LG&s8=CAK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 21 Oct 2019 10:50:12 GMT
content-type: text/html
set-cookie: __cfduid=da212bba5576f661fed64f974f62c6f7b1571655012; expires=Tue, 20-Oct-20 10:50:12 GMT; path=/; domain=.t67.me; HttpOnly
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5292ab51ef9acbcc-VIE
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Oct 2019 10:50:11 GMT
Location: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=IVm4Pwj7RAIyMWOpZ18ezzhv/GkBzFfY+dMUln5oDsFMMnyoR47G8w==; domain=.znqroot.com; path=/; HttpOnly trk=li+5GCmDAoDHteKYsC+MsDhv/GkBzFfY+dMUln5oDsFMMnyoR47G8w==; domain=.znqroot.com; expires=Mon, 21-Oct-2024 11:50:12 GMT; path=/; HttpOnly
Content-Length: 162

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: p.t67.me
URL: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832148
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 19:41:04 GMT

GET
H2 200 js
apidata.info/ 795 B
636 B 159ms
64ms Script
application/javascript 2606:4700:30::6818:659a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://apidata.info/js
Requested by: Host: p.t67.me
URL: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:659a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3600
cf-ray: 5292ab52ebcf59dc-VIE
access-control-allow-headers: X-Requested-With

GET
H2 200 logic_tree.js Show response
p.t67.me/t/ 9 KB
2 KB 43ms
42ms Script
application/javascript 2606:4700:30::681c:5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://p.t67.me/t/logic_tree.js
Requested by: Host: p.t67.me
URL: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d1de152e7431d797b1207ef84f32abf40e4661a35f3aeaffc155e9d20dba75

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
server: cloudflare
etag: W/"5da98295-23e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5292ab5258f5cbcc-VIE
expires: Mon, 21 Oct 2019 14:50:12 GMT

GET
H2

200

/ Show response
secure.soupdog.space/lp/load/1b/
Redirect Chain

https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnn...

2 KB
1 KB

233ms
62ms

Document
text/html

2606:4700:30::681f:46e4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Requested by: Host: p.t67.me
URL: https://p.t67.me/t/logic_tree.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a821bc4fb42646c81f591fbb80c07c6a31ca0e28e27e620ccae6a0db74acc76c

Request headers

:method: GET
:authority: secure.soupdog.space
:scheme: https
:path: /lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://p.t67.me/t/?s6=1&s7=LG&s8=CAK

Response headers

status: 200
date: Mon, 21 Oct 2019 10:50:12 GMT
content-type: text/html
set-cookie: __cfduid=d0c4b2a9aa1bebaa9728dc98361f5afd41571655012; expires=Tue, 20-Oct-20 10:50:12 GMT; path=/; domain=.soupdog.space; HttpOnly
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5292ab556fcc8c8c-VIE
content-encoding: br

Redirect headers

Server: nginx
Date: Mon, 21 Oct 2019 10:50:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Pragma: no-cache
Set-Cookie: 10678c66-507a-4351-948f-6b66ce631461-v4=10678c66-507a-4351-948f-6b66ce631461;Max-Age=86400;Expires=Tue, 22-Oct-2019 10:50:12 GMT;domain=app.logictree.co;path=/;HttpOnly cep-v4=YQP8s2Ku8DT9g4bZ45miziVL9Fh8Sg6egF_TNhch8kFhvF3EExb_b6N_4EaUzOXxTz56npi0UFCE2yKXuUquNLtQ_tUyzUVRrqI20ZGNx2ciRsiYjN6dVdoPgwxGDdzJsu5ztmRJOwqEvs3Bdog_KwR6KClDsYxnG5bXTSnpwRWEPANjWJyrF1X9Xe37zF5pQy5b_iWvqsTXBv6hcgVhqY9MRhZeyVfa9rr-wVPnWpM2YQ8tWFU2yS3zLNEP-BEEbPm0XIVbHb74sjCHHnl8-ICizBIAG5V2Prac__PDGq3fVRApgrqkyv9EQ4XOE0Hhs0QUYNtlJMf8KKPpjvBwGvy-b-5rfFv6IEITmpCAgew;Max-Age=86400;Expires=Tue, 22-Oct-2019 10:50:12 GMT;domain=app.logictree.co;path=/;HttpOnly

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 15:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 848358
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 15:10:54 GMT

GET
H2 200 loader.gif
secure.soupdog.space/lp/load/1b/img/ 51 KB
51 KB 52ms
51ms Image
image/gif 2606:4700:30::681f:46e4
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.soupdog.space/lp/load/1b/img/loader.gif
Requested by: Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
server: cloudflare
etag: "5da98295-cc19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5292ab5618598c8c-VIE
content-length: 52249
expires: Mon, 21 Oct 2019 14:50:12 GMT

GET
H2 200 url-pixel.png
secure.soupdog.space/lp/load/1b/ 95 B
181 B 41ms
40ms Image
image/png 2606:4700:30::681f:46e4
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.soupdog.space/lp/load/1b/url-pixel.png
Requested by: Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
server: cloudflare
etag: "5da98295-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5292ab56185a8c8c-VIE
content-length: 95
expires: Mon, 21 Oct 2019 14:50:12 GMT

GET
H2 200 gotoURL.js Show response
secure.soupdog.space/script/ 3 KB
962 B 17ms
17ms Script
application/javascript 2606:4700:30::681f:46e4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.soupdog.space/script/gotoURL.js
Requested by: Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ffa9dde1f943aee27f1a1c333b65b4cd1d85e0575988446088b1bb63e00bebb

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
server: cloudflare
age: 2606
etag: W/"5da98295-bf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5292ab5638738c8c-VIE
expires: Mon, 21 Oct 2019 14:50:12 GMT

GET
H2 200 bckbtn.js Show response
secure.soupdog.space/script/ 1012 B
523 B 25ms
25ms Script
application/javascript 2606:4700:30::681f:46e4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.soupdog.space/script/bckbtn.js
Requested by: Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
server: cloudflare
age: 5746
etag: W/"5da98295-3f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5292ab5658ac8c8c-VIE
expires: Mon, 21 Oct 2019 14:50:12 GMT

GET
H2 200 swgfonts.js Show response
secure.soupdog.space/script/ 965 B
518 B 18ms
18ms Script
application/javascript 2606:4700:30::681f:46e4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.soupdog.space/script/swgfonts.js
Requested by: Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 09:15:01 GMT
server: cloudflare
age: 2606
etag: W/"5da98295-3c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5292ab5678cc8c8c-VIE
expires: Mon, 21 Oct 2019 14:50:12 GMT

GET
H/1.1 200
OK Cookie set click Show response
app.logictree.co/ 836 B
1 KB 182ms
182ms Document
text/html 18.195.30.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://app.logictree.co/click
Requested by: Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=uADW3JzXbfpc1-3x_gsnv3yfDgKBb9eVEdcDbP3UUNCPl_VmCDcCkHgxTszVefaes2g7ndh3EwmXty6bsCKmDCLcbxU06KmVBeg5oi_FzmHTzumnuNnnrxuCt6IqYMV7Yxhp4RYbwOfF3xMsIdJ6mlRMaB2BoQLdNQEXvwW1xHFQOp042zU1J05lqLA2uRGC1uuQizFEBIHKUGYYWaqCuVNXA6K8Y0PVDDUVbRu-euQCJ98RZo99d6sUtmI-gSFaVnDaYWlfXZSkOsFqSlNjfop3e73EEJ28VTkbRhx3V5TW30ZvHXc7VsQ_YLiLoxC_DA1RkGHRDLmqPs9RXjAbnqmWk91hHF8id_RZeqDh0g0&lptoken=15897144654568411236&s6=1&s7=LG&s8=CAK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.30.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-30-247.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 06c6d839dd4380fbeb49452b61e922b8ad768f26b670f12d8e7a351f9ecee872

Request headers

Host: app.logictree.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Cookie: 10678c66-507a-4351-948f-6b66ce631461-v4=10678c66-507a-4351-948f-6b66ce631461; cep-v4=YQP8s2Ku8DT9g4bZ45miziVL9Fh8Sg6egF_TNhch8kFhvF3EExb_b6N_4EaUzOXxTz56npi0UFCE2yKXuUquNLtQ_tUyzUVRrqI20ZGNx2ciRsiYjN6dVdoPgwxGDdzJsu5ztmRJOwqEvs3Bdog_KwR6KClDsYxnG5bXTSnpwRWEPANjWJyrF1X9Xe37zF5pQy5b_iWvqsTXBv6hcgVhqY9MRhZeyVfa9rr-wVPnWpM2YQ8tWFU2yS3zLNEP-BEEbPm0XIVbHb74sjCHHnl8-ICizBIAG5V2Prac__PDGq3fVRApgrqkyv9EQ4XOE0Hhs0QUYNtlJMf8KKPpjvBwGvy-b-5rfFv6IEITmpCAgew
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate

Response headers

Server: nginx
Date: Mon, 21 Oct 2019 10:50:13 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 836
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: cc-v4=HputHmpJTO7S7z1McYPpawslvdxvrCb5cA%2FVKup13CaKNc8wSH52dF14c58qBJ1rGVskopWtS6Qp3mnp5lYZ0COCnD9mzzPnMTG5F9%2B3kZusbZcKZbFC9Hr0nKgIb2fJ%2Bf%2BBYI5BpwpKTH3N2DWhTg%3D%3D;Max-Age=31536000;Expires=Tue, 20-Oct-2020 10:50:13 GMT;domain=app.logictree.co;path=/;HttpOnly

GET redirect
citines-boutlet.com/ 0
0

GET
H/1.1 200
OK redirect Show response
citines-boutlet.com/ 510 B
804 B 27ms
7ms Document
text/html 18.195.30.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw&ts=1571655013326&hash=roKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI&rm=DJ
Requested by: Host: app.logictree.co
URL: https://app.logictree.co/click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.30.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-30-247.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d817ea80d44c98e1f9dfb6d8e9178dd9b7f53b4d4ce6f5aa2df83e7840a0edb3

Request headers

Host: citines-boutlet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://app.logictree.co/click
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://app.logictree.co/click

Response headers

Server: nginx
Date: Mon, 21 Oct 2019 10:50:13 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET 9tJk8LB4236
www.24t7.me/ln/ 0
0

GET
H2

200

Primary Request welcome.html Show response
www.iqplaywin.com/
Redirect Chain

https://www.24t7.me/ln/9tJk8LB4236?clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

5 KB
5 KB

267ms
218ms

Document
text/html

35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Requested by: Host: citines-boutlet.com
URL: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw&ts=1571655013326&hash=roKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI&rm=DJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7128eb4da794fa16439a604286b05df140a57559c726f990a94be9497b50aa7

Request headers

:method: GET
:authority: www.iqplaywin.com
:scheme: https
:path: /welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw&ts=1571655013326&hash=roKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI&rm=DJ
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw&ts=1571655013326&hash=roKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI&rm=DJ

Response headers

status: 200
x-guploader-uploadid: AEnB2UrjI42FgTqMIpfSFdY0givwk9J0kySlBJJmamya1fV47smPiKkYAd7T3F0jTu9s-vyJz4Evmkqokdar7JisduKv_QaKHA
expires: Mon, 21 Oct 2019 10:50:14 GMT
date: Mon, 21 Oct 2019 10:50:14 GMT
cache-control: private, max-age=0
last-modified: Tue, 10 Sep 2019 14:21:02 GMT
etag: "7227a7b394d81e1ade79221b3c7954f6"
x-goog-generation: 1568125262231596
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4942
content-type: text/html
x-goog-hash: crc32c=/7HY1A== md5=ciens5TYHhreeSIbPHlU9g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 4942
server: UploadServer
alt-svc: clear

Redirect headers

status: 302
date: Mon, 21 Oct 2019 10:50:13 GMT
content-type: text/plain
content-length: 0
location: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
server: Apache-Coyote/1.1

GET
H2 200 consts.js Show response
www.iqplaywin.com/consts/ 69 B
331 B 222ms
220ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/consts/consts.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 97a722cd1196db8eb0af4fe26c46a57f05b096edaa8d13f4dfce0a6e96b6f6df

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
x-guploader-uploadid: AEnB2Uo1ZdskkML0vnIcxTu5Krhlelr5wlFHGFFZpuNBdOIdb8Vdp_qbLIrtqnQaE5GChYJ7IKBbZcLUT6mQEe357iUwtUFVFQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 69
last-modified: Tue, 10 Sep 2019 14:07:18 GMT
server: UploadServer
etag: "43b3aa52fbaabf46d70b8d1c33c2213f"
x-goog-hash: crc32c=5XHM4Q==, md5=Q7OqUvuqv0bXC40cM8IhPw==
x-goog-generation: 1568124438288909
cache-control: private, max-age=0
x-goog-stored-content-length: 69
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 preAppLoading.js Show response
www.iqplaywin.com/ 5 KB
5 KB 221ms
218ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/preAppLoading.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7f361277b0b66b972113cbaa535570efff61e0bf9e7289de980914befd37a698

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
x-guploader-uploadid: AEnB2UqZyfaXlKBbM5YB54O75e02RXGIBtWpBdS-jWpH-M_RcdqQKxLQPhhFh1wluc0BDNHl3BgV4Qngsd8WyPykJEnVASBIjg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 4783
last-modified: Sun, 13 Oct 2019 10:34:10 GMT
server: UploadServer
etag: "4c7d8cbf236277ab46011e0ecb5f1b38"
x-goog-hash: crc32c=RWX1pA==, md5=TH2MvyNid6tGAR4Oy18bOA==
x-goog-generation: 1570962850219663
cache-control: private, max-age=0
x-goog-stored-content-length: 4783
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
373 B 34ms
18ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 10:50:14 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 10:50:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
744 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mada:400,700

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

616eac8cc9b52ab1b0a15be3c65efe0f42a573c2fb20613ee822b92a8fe73756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 10:50:14 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 10:50:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 23ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 28ms
12ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK jquery-3.1.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 23ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.0.min.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 10:50:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2016 21:45:52 GMT
Server: nginx
ETag: W/"577ecd90-1514f"
Vary: Accept-Encoding
X-HW: 1571655014.dop144.fr8.shc,1571655014.dop144.fr8.t,1571655014.cds150.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30019

GET
H2 200 fingerprintjs2.js Show response
www.iqplaywin.com/ 35 KB
36 KB 217ms
215ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/fingerprintjs2.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
x-guploader-uploadid: AEnB2Up0dstpU3i9lriWFQQlitUoZj8QefNrwSPcwHI0E0C3DJI9GXiWFhHZ1IDiZ6Tfxq9UtsNvBnHQWv9HYqbnZ2zCnfvRCA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 36185
last-modified: Tue, 10 Sep 2019 14:20:58 GMT
server: UploadServer
etag: "68ab45bd98459cb766f3ab26d086e5f5"
x-goog-hash: crc32c=OuDATw==, md5=aKtFvZhFnLdm86sm0Ibl9Q==
x-goog-generation: 1568125258312231
cache-control: private, max-age=0
x-goog-stored-content-length: 36185
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 156 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 07:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876280
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56572
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 07:25:34 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 25 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 07:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876106
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9274
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 07:28:28 GMT

GET
H2 200 angular-sanitize.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 26 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-sanitize.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 10:08:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 866528
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8207
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 10:08:06 GMT

GET
H2 200 angular-resource.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 4 KB
2 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-resource.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 22:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218998
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Oct 2020 22:00:16 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 27ms
12ms Script
text/javascript 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 css-all-min.css
www.iqplaywin.com/minified/css/ 50 KB
50 KB 210ms
208ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/minified/css/css-all-min.css
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8a24f4329046ed547cc4a0c95bb73180763ec884bee071857bab1469a00b80e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
x-guploader-uploadid: AEnB2UoDUpSUldxkEwz3gJzLrnH4ma_oV6Q2mUCqKj6xgPjifJ0rRpVj6qlC-WiMmVuzr7WCjTL1nEp8ihdfdVUwOYEUnSGIyg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 51208
last-modified: Tue, 10 Sep 2019 14:20:55 GMT
server: UploadServer
etag: "c2f33a76f3053193c64fb571fe3651fa"
x-goog-hash: crc32c=rpikaQ==, md5=wvM6dvMFMZPGT7Vx/jZR+g==
x-goog-generation: 1568125255343952
cache-control: private, max-age=0
x-goog-stored-content-length: 51208
accept-ranges: bytes
content-type: text/css
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 js-all-min.js Show response
www.iqplaywin.com/minified/js/ 11 KB
11 KB 215ms
214ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/minified/js/js-all-min.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e2f993f2b6de765a61e278573554db0964160a365779f200b5cb315b4697d88

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
x-guploader-uploadid: AEnB2Urhzc9wuVTD04Xrndg-7Wimy0P6M4aMExqyN5NTyZEekdOZB4joLupaOtz3OygxDl0d_uqqNegyECCnDX1hE6W5rmRhuA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 11105
last-modified: Tue, 10 Sep 2019 14:20:56 GMT
server: UploadServer
etag: "3d2db513eac1b9d8a6bf792d464c8569"
x-goog-hash: crc32c=r5vObg==, md5=PS21E+rBudimv3ktRkyFaQ==
x-goog-generation: 1568125256272765
cache-control: private, max-age=0
x-goog-stored-content-length: 11105
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 59 KB
22 KB 29ms
15ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5CPMVX

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fc89b6f645417dd222d1aa9976c12e30b1bad12fb3445fd5363f780b35df462

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
content-encoding: br
last-modified: Mon, 21 Oct 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22216
x-xss-protection: 0
expires: Mon, 21 Oct 2019 10:50:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 19ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 22458
x-xss-protection: 0
pragma: public
x-fb-debug: D9CQP2hiYDqmIK6LIGtO00aTD9mrF7WeHiTlWmU9v+moCs0Xu9a9m1GCf8Hhy/3vGIj1K72pEjlshl89le0rPQ==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Mon, 21 Oct 2019 10:50:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 78ms
48ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: DE36F743EA00468A87101C4EBA5F9ED2 Ref B: VIEEDGE0309 Ref C: 2019-10-21T10:50:14Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 596950890744347 Show response
connect.facebook.net/signals/config/ 280 KB
65 KB 139ms
139ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/596950890744347?v=2.9.5&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

30f28990de24f5b75625522a3b9edb5135be156fa1b1298670b70d49b0f48936

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: az9d0tsjPuKiRtEoqzPy/Pu/u8AU36dstUtviUdHRmupcSQmihooAFI9gGZuylbdQOvGW/XsBI7IVZlU3px8SQ==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Mon, 21 Oct 2019 10:50:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5CPMVX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4539
date: Mon, 21 Oct 2019 09:34:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 21 Oct 2019 11:34:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
199 B 13ms
13ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=11347217&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1141%26clickid%3Ddck6jd6va1ossa7q1bkk6ubo%26pub%3Da7f48a40-0785-47a8-b3da-aafca3c6d191_&dr=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw%26ts%3D1571655013326%26hash%3DroKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI%26rm%3DDJ&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1743658477&gjid=1117554763&cid=387757531.1571655014&tid=UA-112527136-1&_gid=536456019.1571655014&_r=1&gtm=2wgaa0W5CPMVX&z=1610000050

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 10:50:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
347 B 17ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=596950890744347&ev=PageView&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1141%26clickid%3Ddck6jd6va1ossa7q1bkk6ubo%26pub%3Da7f48a40-0785-47a8-b3da-aafca3c6d191_&rl=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw%26ts%3D1571655013326%26hash%3DroKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI%26rm%3DDJ&if=false&ts=1571655014362&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1571655014361.1740705772&it=1571655014200&coo=false&rqm=GET

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 21 Oct 2019 10:50:14 GMT

POST
H2 200 checkByIp Show response
srv.ibraincollege.com/rest/iq/ 109 B
243 B 149ms
149ms XHR
application/json 35.244.175.13
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.ibraincollege.com/rest/iq/checkByIp
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/preAppLoading.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 13.175.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0e5f899215a5cfa75ae13c632036a4e79ecf11c5e07a99dd01d6d63b39dcada5

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.iqplaywin.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 404 script.js Show response
www.iqplaywin.com/LP/1141/ 127 B
319 B 220ms
220ms XHR
application/xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1141/script.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
server: UploadServer
x-guploader-uploadid: AEnB2UovSn1pKMF2EYF2x1P_9-7RqnWKGe71rxn-ZQHD777kZBlSkuam_reyGZfoBtZq9edmov2eNKdwX9PGRYepLxZdAwex_g
content-type: application/xml; charset=UTF-8
status: 404
cache-control: private, max-age=0
alt-svc: clear
content-length: 127
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 204 0
bat.bing.com/action/ 0
227 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26024093&Ver=2&mid=2446110c-e433-6c6d-8656-a2caaa137c59&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1141%26clickid%3Ddck6jd6va1ossa7q1bkk6ubo%26pub%3Da7f48a40-0785-47a8-b3da-aafca3c6d191_&r=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw%26ts%3D1571655013326%26hash%3DroKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI%26rm%3DDJ&lt=1652&evt=pageLoad&msclkid=N&rn=349379
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 21 Oct 2019 10:50:14 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E185FC323A5741229A8388EE1B794C87 Ref B: VIEEDGE0309 Ref C: 2019-10-21T10:50:15Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_DE.js Show response
www.iqplaywin.com/LP/1141/translate/ 2 KB
3 KB 346ms
346ms XHR
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1141/translate/translate_DE.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4313b80e65bf3ad62ef272a098ebc4bb8d742df10c12a0a7f50ebc1c5dd8aa9c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UqZw2p4KNT4pQ1kNsO6EG6B7o4SDXk1FmgAQBzk3XAvTbpLTEwFfWw3C9W_0jT6vhvh8Q3uBurglIwW9K0DkSQI2LD7Jg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2439
last-modified: Tue, 10 Sep 2019 14:11:30 GMT
server: UploadServer
etag: "ec864836f23a9135525af9d433cdf5aa"
x-goog-hash: crc32c=q7UnZw==, md5=7IZINvI6kTVSWvnUM831qg==
x-goog-generation: 1568124690478472
cache-control: private, max-age=0
x-goog-stored-content-length: 2439
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 translate_EN.js Show response
www.iqplaywin.com/LP/1141/translate/ 2 KB
3 KB 212ms
212ms XHR
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1141/translate/translate_EN.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f6ef36f29b75e7e91fd2c1e2bff47248334ab1e000a002396715fb839670468

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2Ura1v3mEsSG_Ncx_OuVpLd3NvY5hBK5DANeRI1JtV4Jcol6XCiFvT5EpXivZtttTPYxgjUdV6SEut-in2T50QkIS2uxfg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2458
last-modified: Tue, 10 Sep 2019 14:11:32 GMT
server: UploadServer
etag: "fa583e6238b44e46e4da2d64287b5a8d"
x-goog-hash: crc32c=z64vjA==, md5=+lg+Yji0Tkbk2i1kKHtajQ==
x-goog-generation: 1568124692413174
cache-control: private, max-age=0
x-goog-stored-content-length: 2458
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 10:50:15 GMT

POST
H2 200 userTracking Show response
srv.ibraincollege.com/rest/activity/ 0
208 B 167ms
150ms XHR
text/plain 35.244.175.13
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.ibraincollege.com/rest/activity/userTracking
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 13.175.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json

Response headers

date: Mon, 21 Oct 2019 10:50:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 200
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.iqplaywin.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 style.css
www.iqplaywin.com/LP/1141/ 11 KB
11 KB 218ms
218ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1141/style.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c30ae2ad37e04fa1e3556d8e9ee15fc3cb7fba5848645d89211fc662e0e7a520

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UptD7U-dGz6CKpdOchZAYk-ur-qQ4tqVOzubquM1KudqN1VPPxz9S0BmdKUc06Yy4zOqLMe29TCDLQhE-r_08eDnsCO8g
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 11247
last-modified: Tue, 10 Sep 2019 14:11:27 GMT
server: UploadServer
etag: "6b98d63ca95c4e1581f434b734e1528b"
x-goog-hash: crc32c=Y9Og4g==, md5=a5jWPKlcThWB9DS3NOFSiw==
x-goog-generation: 1568124687744795
cache-control: private, max-age=0
x-goog-stored-content-length: 11247
accept-ranges: bytes
content-type: text/css
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 content.html Show response
www.iqplaywin.com/LP/1141/ 13 KB
13 KB 212ms
212ms XHR
text/html 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1141/content.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1412efb573e942bb030953efcbbc84021e585fa68a519069f7829977e562ab6e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UqLRNpLZ_ZEQFq2dvCZilhI9XxobN16QC-JefpBz26f0qaspXgRyuhUyn06D4tPKZ1EVmgFtbTwBQgoKNBVGdizwsLrQQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 13526
last-modified: Tue, 10 Sep 2019 14:11:19 GMT
server: UploadServer
etag: "3fb621f0ee1334ae68f6eb1115690ecc"
x-goog-hash: crc32c=6dUrUg==, md5=P7Yh8O4TNK5o9usRFWkOzA==
x-goog-generation: 1568124679567905
cache-control: private, max-age=0
x-goog-stored-content-length: 13526
accept-ranges: bytes
content-type: text/html
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 404 createAccountDialog.html Show response
www.iqplaywin.com/LP/1141/ 127 B
274 B 221ms
221ms XHR
application/xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1141/createAccountDialog.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
server: UploadServer
x-guploader-uploadid: AEnB2UoG7-QGRHt-VVffe0wg1XG2q7xVhU52L2BTiwsw9OWZs-qRalcvmD_bYpqfS_cK-XKucZKOXQMpaE83G2RtVFjxG__uyw
content-type: application/xml; charset=UTF-8
status: 404
cache-control: private, max-age=0
alt-svc: clear
content-length: 127
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 spin.svg
www.iqplaywin.com/images/LandingPage/ 3 KB
3 KB 213ms
213ms Image
image/svg+xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/images/LandingPage/spin.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f11bace1badb78fbeebd39009b6d77dbcc1e99df014e6f0a91d0407b10cd7a1f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/minified/css/css-all-min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2Up98UvWymJ-fCjuGl1DtGxsCFn876y8BxwYjGULWB6QTpvZIOM1Wh6Y_kCZPs9fbKrzq0QNI5eZs7ZAfyv6_sWF50V2uw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3078
last-modified: Tue, 10 Sep 2019 14:07:28 GMT
server: UploadServer
etag: "660af47f3c331aca339f6ff4cfaf5289"
x-goog-hash: crc32c=7qiuFw==, md5=Zgr0fzwzGsozn2/0z69SiQ==
x-goog-generation: 1568124448027465
cache-control: private, max-age=0
x-goog-stored-content-length: 3078
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 general.css
www.iqplaywin.com/ 5 KB
5 KB 210ms
210ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/general.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5966c18f7e39498820e9a0cd9bd9fe389a5cd03156dbd2e5da64f9d05299f856

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UoSilb78QAmQIoQvSby5mykVdvCByChaNDzHcbKx3rtLee-oSLSUitRTTYaLx1fOmkURzazcqOH_2g7i6sA_pguIDOBiA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 4976
last-modified: Tue, 10 Sep 2019 14:20:59 GMT
server: UploadServer
etag: "d562d198e5a760eebf6c183cd4e5c24a"
x-goog-hash: crc32c=YlxKTg==, md5=1WLRmOWnYO6/bBg81OXCSg==
x-goog-generation: 1568125259280114
cache-control: private, max-age=0
x-goog-stored-content-length: 4976
accept-ranges: bytes
content-type: text/css
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/ 59 KB
60 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v48/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: https://www.iqplaywin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 04:27:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:50:48 GMT
server: sffe
age: 454941
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60840
x-xss-protection: 0
expires: Thu, 15 Oct 2020 04:27:54 GMT

GET
H2 200 amazing-logo.svg
www.iqplaywin.com/images/ 5 KB
5 KB 216ms
215ms Image
image/svg+xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/images/amazing-logo.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9b76d15a39f5dc658e1988ad1416b2b443be66d1c0f33f9eeedc1d2662a56b7f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2Up-k4jnMLD-S4QQ3sYwPh_RNunw1vOBFXgkqj3rvkYuoASZDnqmBM2Ywc6FeRVUKo-E4QMR8ftsppEfdVuFttFdPp9R9w
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 5054
last-modified: Tue, 10 Sep 2019 14:07:25 GMT
server: UploadServer
etag: "f8de608b6c80f2667b0b2eb1a9790dfd"
x-goog-hash: crc32c=y2zgrA==, md5=+N5gi2yA8mZ7Cy6xqXkN/Q==
x-goog-generation: 1568124445310026
cache-control: private, max-age=0
x-goog-stored-content-length: 5054
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-white.png
www.iqplaywin.com/LP/1141/images/ 115 KB
115 KB 285ms
284ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 380d041bb1aca691a8a6b2f52909576c88d26a833a95366dc7ba134d2e2b9670

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2Ur4N0xI5q3KYB_t3_16AfnNUozGgV_Vlgg7h6m1wwHF3ygqHuWVJ0Vafg1bqk6QWZa2ozBDZdRoNa30epLwlS3BTwnY-A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 117856
last-modified: Tue, 10 Sep 2019 14:11:24 GMT
server: UploadServer
etag: "e7909312a8673c3b738ad39539590b9a"
x-goog-hash: crc32c=4+SnqA==, md5=55CTEqhnPDtzitOVOVkLmg==
x-goog-generation: 1568124684783090
cache-control: private, max-age=0
x-goog-stored-content-length: 117856
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-white2.png
www.iqplaywin.com/LP/1141/images/ 161 KB
161 KB 210ms
209ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-white2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99220035ededf664aaac1d0bf530c5f3997466f45d95c2232801f492bcd74d0f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UqIe7w06xwzs2bB2azJuI0W8Un366gCExefRFuPhOLrTS11td82ByJkvuuhO8YNQNO8jBHN1VR8M-f5L52Q9rSNyH3gpw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 164681
last-modified: Tue, 10 Sep 2019 14:11:25 GMT
server: UploadServer
etag: "91b7e252296c052a07cb0fa0a0d292ad"
x-goog-hash: crc32c=AB+qxQ==, md5=kbfiUilsBSoHyw+goNKSrQ==
x-goog-generation: 1568124685688400
cache-control: private, max-age=0
x-goog-stored-content-length: 164681
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-black.png
www.iqplaywin.com/LP/1141/images/ 135 KB
135 KB 406ms
405ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-black.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3374079c45cb6007fd53b880ddf57bc5d54ec3d4e67c08141ddf9523d857d265

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UpnSH-0M319sFWIK9L7zLz7vdpMopczAOfSZ5UfQrqHrzPLGKAfBg82xGCG2Wbw4Jxp8hnPd3_ujpH2LVo4h_KzpMjb0g
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 138149
last-modified: Tue, 10 Sep 2019 14:11:19 GMT
server: UploadServer
etag: "4511ee97ca9e4e06e8971f3c8f7e9378"
x-goog-hash: crc32c=a9MBxg==, md5=RRHul8qeTgbolx88j36TeA==
x-goog-generation: 1568124679883546
cache-control: private, max-age=0
x-goog-stored-content-length: 138149
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-black2.png
www.iqplaywin.com/LP/1141/images/ 168 KB
168 KB 220ms
219ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-black2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 343d6cfd8c0e4df5def58530902da480809098f94dbf81303f3c45cc10d66e9b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UpBN4llk3QLTMTltbXtlPUB0W8QZS-8YAl-144iqwHDLeVECTdztsOiD7VhHNdtGZ29AUt5nCbOj9pQTot3M1vkGweJiw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 171629
last-modified: Tue, 10 Sep 2019 14:11:22 GMT
server: UploadServer
etag: "05d007f49aa36314ef0097e5759edb87"
x-goog-hash: crc32c=LGLLuQ==, md5=BdAH9JqjYxTvAJfldZ7bhw==
x-goog-generation: 1568124682295915
cache-control: private, max-age=0
x-goog-stored-content-length: 171629
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-green.png
www.iqplaywin.com/LP/1141/images/ 133 KB
133 KB 217ms
216ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-green.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ae7207ad2ba7e0d3aa76587dbe372a5d2300553798e07de5b0a9a20d7091bbf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UrkJ8Jp4OU6kh9CAOoYu8RwzaNO0XgNtSKzHrlib-ANxzau4ub5mgpOZk3xnrHD6WqsNOjEDYghxpCdxtP4egqS-EXtLg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 136106
last-modified: Tue, 10 Sep 2019 14:11:22 GMT
server: UploadServer
etag: "0f1026c6925ae97aa31937ce32a1a3df"
x-goog-hash: crc32c=n3Jovw==, md5=DxAmxpJa6XqjGTfOMqGj3w==
x-goog-generation: 1568124682155759
cache-control: private, max-age=0
x-goog-stored-content-length: 136106
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-green2.png
www.iqplaywin.com/LP/1141/images/ 202 KB
202 KB 211ms
211ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-green2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d0dccf604761a186730d4f739b79eab6c2c0d847e1467ecf25e6d42132cb6664

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UryTLWtL2-ZvGNRjfw23lPiTL6hBW122mGQYtB3OFWvDnsyiNKCVYkc-gYh0IQEYr8usfemWPSANlba28eKjNO_vfS4uw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 206654
last-modified: Tue, 10 Sep 2019 14:11:22 GMT
server: UploadServer
etag: "871d93067c4e3a78db949d8a64eab552"
x-goog-hash: crc32c=G5UFnQ==, md5=hx2TBnxOOnjblJ2KZOq1Ug==
x-goog-generation: 1568124682901739
cache-control: private, max-age=0
x-goog-stored-content-length: 206654
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 samsung-s10-white1.png
www.iqplaywin.com/LP/1141/images/ 161 KB
161 KB 213ms
213ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1141/images/samsung-s10-white1.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99220035ededf664aaac1d0bf530c5f3997466f45d95c2232801f492bcd74d0f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UpY4E4REiEMXlNymlzT6PCygSCqLZ-fFhDD_uA0WcPXjqg-gYb7oBFY9iYXgJ0HYeY3CpEOgQst0PwvGMT6NoRKDt2xtQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 164681
last-modified: Tue, 10 Sep 2019 14:11:24 GMT
server: UploadServer
etag: "91b7e252296c052a07cb0fa0a0d292ad"
x-goog-hash: crc32c=AB+qxQ==, md5=kbfiUilsBSoHyw+goNKSrQ==
x-goog-generation: 1568124684993196
cache-control: private, max-age=0
x-goog-stored-content-length: 164681
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 ssl.png
www.iqplaywin.com/images/ 13 KB
13 KB 211ms
211ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/images/ssl.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 907d1e73a8abda6fdcd260c063e4214baa7680c51a6e66c0d6ce6863729e997b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:15 GMT
x-guploader-uploadid: AEnB2UrcCAaYfCMknANNLEe0V3inftkhY71KC05I5jCyiZVJysPLlT1atVW87ULa7uJeYVuZgycAC0DISL1XBuheAu0sEHYODg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 13284
last-modified: Tue, 10 Sep 2019 14:07:29 GMT
server: UploadServer
etag: "5dbad574b841d7a0d9b6677440163c68"
x-goog-hash: crc32c=FAQz+g==, md5=XbrVdLhB16DZtmd0QBY8aA==
x-goog-generation: 1568124449391829
cache-control: private, max-age=0
x-goog-stored-content-length: 13284
accept-ranges: bytes
content-type: image/png
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
778 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

81f7f7891471a8fefa2e5b6ee38b8edf9d547aebc25c8012a948e90e7c97fc6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 10:50:15 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 10:50:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 10:50:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=596950890744347&ev=Microdata&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1141%26clickid%3Ddck6jd6va1ossa7q1bkk6ubo%26pub%3Da7f48a40-0785-47a8-b3da-aafca3c6d191_&rl=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw%26ts%3D1571655013326%26hash%3DroKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI%26rm%3DDJ&if=false&ts=1571655016050&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iqplaywin.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=30&fbp=fb.1.1571655016049.1697732607&it=1571655014200&coo=false&es=automatic&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1141&clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 10:50:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 21 Oct 2019 10:50:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citines-boutlet.com
URL: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi85dEprOExCNDIzNj9jbGlja2lkPWRjazZqZDZ2YTFvc3NhN3ExYmtrNnVibyZwdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXw&ts=1571655013326&hash=roKLMezhKKVN-t-omEZS1oTqf7OtcLIu4Aqp4eNLxdI&rm=DJ

Domain: www.24t7.me
URL: https://www.24t7.me/ln/9tJk8LB4236?clickid=dck6jd6va1ossa7q1bkk6ubo&pub=a7f48a40-0785-47a8-b3da-aafca3c6d191_

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apidata.info
app.logictree.co
bat.bing.com
citines-boutlet.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
p.t67.me
secure.soupdog.space
srv.ibraincollege.com
www.24t7.me
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.iqplaywin.com
znqroot.com
citines-boutlet.com
www.24t7.me
18.195.30.247
18.200.138.57
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3b
2606:4700:30::6818:659a
2606:4700:30::681c:5
2606:4700:30::681f:46e4
2620:1ec:c11::200
2a00:1450:4001:80b::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.244.175.13
35.244.205.206
54.200.87.201
06c6d839dd4380fbeb49452b61e922b8ad768f26b670f12d8e7a351f9ecee872
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814
0e5f899215a5cfa75ae13c632036a4e79ecf11c5e07a99dd01d6d63b39dcada5
0f6ef36f29b75e7e91fd2c1e2bff47248334ab1e000a002396715fb839670468
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1412efb573e942bb030953efcbbc84021e585fa68a519069f7829977e562ab6e
1fc89b6f645417dd222d1aa9976c12e30b1bad12fb3445fd5363f780b35df462
25d1de152e7431d797b1207ef84f32abf40e4661a35f3aeaffc155e9d20dba75
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30f28990de24f5b75625522a3b9edb5135be156fa1b1298670b70d49b0f48936
3374079c45cb6007fd53b880ddf57bc5d54ec3d4e67c08141ddf9523d857d265
343d6cfd8c0e4df5def58530902da480809098f94dbf81303f3c45cc10d66e9b
380d041bb1aca691a8a6b2f52909576c88d26a833a95366dc7ba134d2e2b9670
41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10
4313b80e65bf3ad62ef272a098ebc4bb8d742df10c12a0a7f50ebc1c5dd8aa9c
47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5966c18f7e39498820e9a0cd9bd9fe389a5cd03156dbd2e5da64f9d05299f856
616eac8cc9b52ab1b0a15be3c65efe0f42a573c2fb20613ee822b92a8fe73756
6ffa9dde1f943aee27f1a1c333b65b4cd1d85e0575988446088b1bb63e00bebb
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f361277b0b66b972113cbaa535570efff61e0bf9e7289de980914befd37a698
81f7f7891471a8fefa2e5b6ee38b8edf9d547aebc25c8012a948e90e7c97fc6d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a24f4329046ed547cc4a0c95bb73180763ec884bee071857bab1469a00b80e3
8e2f993f2b6de765a61e278573554db0964160a365779f200b5cb315b4697d88
907d1e73a8abda6fdcd260c063e4214baa7680c51a6e66c0d6ce6863729e997b
93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
97a722cd1196db8eb0af4fe26c46a57f05b096edaa8d13f4dfce0a6e96b6f6df
99220035ededf664aaac1d0bf530c5f3997466f45d95c2232801f492bcd74d0f
9ae7207ad2ba7e0d3aa76587dbe372a5d2300553798e07de5b0a9a20d7091bbf
9b76d15a39f5dc658e1988ad1416b2b443be66d1c0f33f9eeedc1d2662a56b7f
a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685
a821bc4fb42646c81f591fbb80c07c6a31ca0e28e27e620ccae6a0db74acc76c
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b
c30ae2ad37e04fa1e3556d8e9ee15fc3cb7fba5848645d89211fc662e0e7a520
d0dccf604761a186730d4f739b79eab6c2c0d847e1467ecf25e6d42132cb6664
d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531
d817ea80d44c98e1f9dfb6d8e9178dd9b7f53b4d4ce6f5aa2df83e7840a0edb3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
f11bace1badb78fbeebd39009b6d77dbcc1e99df014e6f0a91d0407b10cd7a1f
f7128eb4da794fa16439a604286b05df140a57559c726f990a94be9497b50aa7
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

www.iqplaywin.com Open in urlscan Pro 35.244.205.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

72 %IPv6

18 Domains

19 Subdomains

17 IPs

4 Countries

1703 kBTransfer

2544 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.iqplaywin.com Open in urlscan Pro
35.244.205.206 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

72 %
IPv6

18
Domains

19
Subdomains

17
IPs

4
Countries

1703 kB
Transfer

2544 kB
Size

0
Cookies

61 HTTP transactions
0 data transactions