Submitted URL: https://blondvmobe.blogspot.ro/
Effective URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Submission: On April 16 via manual from US

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 42 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is qbwjq.waitingfotyou.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 11th 2020. Valid for: 3 months.
This is the only time qbwjq.waitingfotyou.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  Domain                   Redirects    Requested by
27     cdn-aimi.akamaized.net   1 redirects  qbwjq.waitingfotyou.net
4      theseoffersforyou.com    -            qbwjq.waitingfotyou.net, theseoffersforyou.com, cdn-aimi.akamaized.net
2      fonts.gstatic.com        -            cdn-aimi.akamaized.net
2      www.blogger.com          -            blondvmobe.blogspot.com
2      blondvmobe.blogspot.com  -            blondvmobe.blogspot.com
1      tdsjsext3.com            -            cdn-aimi.akamaized.net
1      fonts.googleapis.com     -            qbwjq.waitingfotyou.net
1      cdnjs.cloudflare.com     -            qbwjq.waitingfotyou.net
1      qbwjq.waitingfotyou.net  -            blondvmobe.blogspot.com
1      milfaforyou.host         1 redirects  -
1      resources.blogblog.com   -            blondvmobe.blogspot.com
1      apis.google.com          -            blondvmobe.blogspot.com
1      blondvmobe.blogspot.ro   1 redirects  -
Total: 42 requests across 13 domains

This site contains no links.

Subject                  Issuer                         Validity                 Valid
misc-sni.blogspot.com    GTS CA 1O1                     2020-04-01 - 2020-06-24  3 months
*.blogger.com            GTS CA 1O1                     2020-04-01 - 2020-06-24  3 months
*.apis.google.com        GTS CA 1O1                     2020-04-01 - 2020-06-24  3 months
*.waitingfotyou.net      Let's Encrypt Authority X3     2020-03-11 - 2020-06-09  3 months
a248.e.akamai.net        DigiCert Secure Site ECC CA-1  2019-08-13 - 2020-08-12  a year
cloudflare.com           CloudFlare Inc ECC CA-2        2020-01-07 - 2020-10-09  9 months
upload.video.google.com  GTS CA 1O1                     2020-04-01 - 2020-06-24  3 months
witch-fucker.com         Amazon                         2020-04-15 - 2021-05-15  a year
*.gstatic.com            GTS CA 1O1                     2020-04-01 - 2020-06-24  3 months
tdsjsext3.com            Let's Encrypt Authority X3     2020-03-24 - 2020-06-22  3 months

This page contains 1 frames:

Primary Page: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Frame ID: DABA8FD777BFEB7F9D3ECBD10E0B9579
Requests: 44 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 42
HTTPS: 100 %
IPv6: 77 %
Domains: 13
Subdomains: 13
IPs: 12
Countries: 5
Transfer: 813 kB
Size: 2316 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blondvmobe.blogspot.ro/ HTTP 302
    https://blondvmobe.blogspot.com/ Page URL
  2. http://milfaforyou.host/raspredelen/196 HTTP 302
    https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://blondvmobe.blogspot.ro/ HTTP 302
  • https://blondvmobe.blogspot.com/
Request Chain 28
  • https://cdn-aimi.akamaized.net/images/poster_alt.jpg HTTP 302
  • https://cdn-aimi.akamaized.net/404

42 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
/
blondvmobe.blogspot.com/
Redirect Chain
  • https://blondvmobe.blogspot.ro/
  • https://blondvmobe.blogspot.com/
38 KB
10 KB
Document
General
Full URL
https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20d899a813e7d1a518e43d5d2d6112f5d618cbacdeefd7f44ac30e4d2210f6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
blondvmobe.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Thu, 16 Apr 2020 21:39:17 GMT
date
Thu, 16 Apr 2020 21:39:17 GMT
cache-control
private, max-age=0
last-modified
Mon, 13 Apr 2020 18:42:35 GMT
etag
W/"8782a45a0099a793a0aa3a9d6ac49ba3835ce1be4e06997034e57dbddd790466"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9432
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status
302
location
https://blondvmobe.blogspot.com/
content-type
text/html; charset=UTF-8
content-encoding
gzip
date
Thu, 16 Apr 2020 21:39:17 GMT
expires
Thu, 16 Apr 2020 21:39:17 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
x-xss-protection
1; mode=block
content-length
178
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
36 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css
Requested by
Host: blondvmobe.blogspot.com
URL: https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blondvmobe.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 12:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Apr 2020 06:24:04 GMT
server
sffe
age
33235
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7979
x-xss-protection
0
expires
Fri, 16 Apr 2021 12:25:22 GMT
plusone.js
apis.google.com/js/
48 KB
19 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: blondvmobe.blogspot.com
URL: https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blondvmobe.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 21:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-qKLCkPs9jjDxlX5agNJsHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"5f9d292e21463dcdac45eb1487faa3a1"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Thu, 16 Apr 2020 21:39:17 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/
475 B
826 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: blondvmobe.blogspot.com
URL: https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blondvmobe.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:39:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Apr 2020 12:19:19 GMT
server
sffe
age
180013
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
475
x-xss-protection
0
expires
Tue, 21 Apr 2020 19:39:04 GMT
cookienotice.js
blondvmobe.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://blondvmobe.blogspot.com/js/cookienotice.js
Requested by
Host: blondvmobe.blogspot.com
URL: https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blondvmobe.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 11:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Apr 2020 09:30:53 GMT
server
sffe
age
210502
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2026
x-xss-protection
0
expires
Tue, 21 Apr 2020 11:10:55 GMT
3638369130-widgets.js
www.blogger.com/static/v1/widgets/
141 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/3638369130-widgets.js
Requested by
Host: blondvmobe.blogspot.com
URL: https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blondvmobe.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 07:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 09:14:15 GMT
server
sffe
age
137554
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
53114
x-xss-protection
0
expires
Thu, 15 Apr 2021 07:26:43 GMT
Primary Request da57dc555e50572d
qbwjq.waitingfotyou.net/c/
Redirect Chain
  • http://milfaforyou.host/raspredelen/196
  • https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
18 KB
4 KB
Document
General
Full URL
https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Requested by
Host: blondvmobe.blogspot.com
URL: https://blondvmobe.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0c32e88ed62b230aa96e4dc0a4dda4f0e8ae4b387715c169c0288906832b9e5d

Request headers

:method
GET
:authority
qbwjq.waitingfotyou.net
:scheme
https
:path
/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blondvmobe.blogspot.com/

Response headers

status
200
server
nginx
date
Thu, 16 Apr 2020 21:39:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
unique_2843659=unique_2843659; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e5240853af04187753300; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/; HttpOnly unique_2843659=unique_2843659; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e5240853af04187753300; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=49415_14933_1091512; expires=Sat, 16-May-2020 21:39:17 GMT; Max-Age=2592000; path=/; HttpOnly unique_2843659=unique_2843659; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e5240853af04187753300; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=49415_14933_1091512; expires=Sat, 16-May-2020 21:39:17 GMT; Max-Age=2592000; path=/; HttpOnly
content-encoding
gzip

Redirect headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
20
Connection
keep-alive
Server
Jino.ru/mod_pizza
Set-Cookie
cu_196=0; expires=Fri, 17-Apr-2020 21:39:17 GMT; Max-Age=86400; path=/
Location
https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Vary
Accept-Encoding
Content-Encoding
gzip
swiper.min.css
cdn-aimi.akamaized.net/landings/188131/1585926065/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/css/swiper.min.css?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6d1cb67eaf3ee3e172bce4bc93ef4c5bafa2e3c281eaea5eafa70bb352532d51

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
DC5A8F8127230BB2
ETag
"f7b2d79ed3cacd516f26116ea877daec"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4127
x-amz-id-2
6s+6UlqmC7Hzd4lOtxE/G/hTl3O72S272uHUX0yPv1ZNWYFIJAku1GrdaF+P4JfMVi/h18qvOU0=
style.css
cdn-aimi.akamaized.net/landings/188131/1585926065/css/
36 KB
6 KB
Stylesheet
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/css/style.css?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
316df31adc9ccf3de7a4a18c35143303fb9f94b00302bb2880f8d943a3cdee03

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
93171B3E44CC3454
ETag
"d60f6733579ab7e931857eb9e286105a"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5443
x-amz-id-2
xl99FJmEHJRNZhc007IfxZNDiNWKlkY1vwPHOak+Nz4qNirE/oge/ZX7sRtK1svzXgqJz39rwtA=
flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/
33 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 21:39:17 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5975376
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
022687a3020000dfd73915e200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Tue, 04 Feb 2020 16:28:26 GMT
server
cloudflare
etag
W/"5e399baa-841a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58510ee4de96dfd7-FRA
expires
Tue, 06 Apr 2021 21:39:17 GMT
jquery.min.js
cdn-aimi.akamaized.net/landings/188131/1585926065/js/
94 KB
33 KB
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/jquery.min.js?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
70DE088C163B1276
ETag
"b091a47f6b91e26c93a848092c6f3788"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33315
x-amz-id-2
G5X4tZY+WHDrROr+z7l7CVXzJfXJKDyXJ1nMA0CgVQZYhg3D5QION2hCHUd4KvoiQL4yUXZTKf8=
trls.js
cdn-aimi.akamaized.net/landings/188131/1585926065/js/
34 KB
12 KB
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/trls.js?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
120e5f88fa31e66b3e43bdcae84a65540d7440ea308fcf7f1ac618028fb674a8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
2B7BABD2132B47B2
ETag
"6fa1b7028017640a944d13ae01db2117"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11571
x-amz-id-2
3/jc6FPX9BaJV0K29PXn9NFx03UWKpG4QXVvp12r8LGxSUTiw4JQY5Od/uuPXZJrm0G8NMYEfCo=
swiper.min.js
cdn-aimi.akamaized.net/landings/188131/1585926065/js/
187 KB
39 KB
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/swiper.min.js?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3b7d812627c66a59e36858ac85119e656a5f1cc7f37f4448c585189054d3422d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
457F7B8246C05600
ETag
"70610853eb13bcedd94269762ff7e9fd"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38997
x-amz-id-2
Gk0NlU8eHN4kjXzNOkYs+iakm+noHeXuIscQ/3xnADFF2bDR3x5dWqOHGtpATnxW0svlTOPCA2E=
main_alt.js
cdn-aimi.akamaized.net/landings/188131/1585926065/js/
20 KB
6 KB
Script
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/main_alt.js?1585926065
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef8afd4848c5345f098d2a0c92c914eebc6847520c2bd5e7eedf775f93be9d02

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
6B55AA405F4BEA09
ETag
"28e135a5b2ff95c5b6f59d0452b386b6"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5960
x-amz-id-2
V/nVbiyPFDJ2om/1ggpTGXDXEJUVezoDqLacn+sSYMZ/c9foSPrRodolYGr4aHieFDwXiottVQU=
logo_bigofuck.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
421 KB
422 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/logo_bigofuck.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9229d759714fe1627242f6fd28e1e2bc244a84bce2d529b7fcdfd67a4db5cbba

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
D79544ED45A09DE9
ETag
"efd6ee3047c369ef75468c1c411803e7"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
431344
x-amz-id-2
Hh524cjFwSqOEVBSyB9+brzvI8Zlw9muRVjOY9+QO5xplAPCDvv48eBTnzPfF39HSpl2z3ADRN0=
header_cards.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
4 KB
5 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/header_cards.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
61a73794094d08584309a0cafc40a5cb45fa6422605d74410a4d4b8c6c5b23b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:08 GMT
Server
AmazonS3
x-amz-request-id
6CF37FAE4992F16F
ETag
"6ef067e55eba56368e924297479ba2c6"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4382
x-amz-id-2
algo6ayZKuFZqgguJCWVD8q54iCkKPzeGV8HSR9jRPY97iyanDMU7yG5qzoxzG6gCrk0unpvEbw=
fire_icon.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/fire_icon.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2558450588f68fff231588b7b3ff56182e81f63e392b8a3bc4b77ec6573e6e41

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
94ED003ED82521E0
ETag
"696781864074db57e4704b79fe91bb83"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1468
x-amz-id-2
zhdIJJHa+GZC1VipGp/bK3ipYgiSV2ixcGDNPHE2jBCs/GqInczfgvKfwoqGkh07DXJBa41n56U=
card1.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
6 KB
7 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card1.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
176b23e069064e87074a0321ef7f9495fd6b1765e474828524bcb8788f6539a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
BFBF66D6A7481168
ETag
"87a737d4fc73db5c4173c2b4a4e3e076"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6624
x-amz-id-2
Qbl1UZTzR9He9WdZppz+y6AwnaEi+7GrQOcAADfAT9LDlbegSD2jMyMo+w7R5DmxNeNT1haBiUk=
card2.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
5 KB
5 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card2.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e15365456ad5795a4c3632da98baf8049d802e4f3c7ac3e59d6ef5896544cf5a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
A2BF13248D7A0CB9
ETag
"c540b328304f4bb8f91db0df1fb4f612"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4919
x-amz-id-2
RhokuQPSyDd3hzTzIduzKrL1z+g9+tUN507nnztEL0g50NmKn5c+XyKxLEnPYavlQ8fYTkRSW0M=
card3.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
9 KB
9 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card3.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f253cbd877f07c359e68265842b16386d1321b980a1f468966a8f4b56bf1aa0f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
62AB739B86659BD8
ETag
"1e7a3185a8763f10710fb4c10a50f9ea"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8968
x-amz-id-2
WdoA+Ka7Ggln/IpfMwxI3+tBhaHHPCp9NBOgH4CpRNYyHalWD6j6d+hcsFjK0bijRFa7hYOkXMw=
card4.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
4 KB
4 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card4.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7421377e5ef7c70eadeb5eb33334a565d026b4ecc57044a2a47636ab41167ea

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
2F9CB9FE9E6940D3
ETag
"9f600ce8f48ee09ab44d85820c835c37"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3922
x-amz-id-2
55vz978gmy99snXyiY1rxhe5Bb0BwDqcLRaTz1jkVF44pYF073X2m9LqDCICXbM/AUlu1yhxUto=
card5.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
4 KB
4 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card5.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8ffcdf6ba235a797029fb52af822abfdbe91a986020e179380ca36382cd4b228

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
E8603B23D1478515
ETag
"c59e9bc850231c5522afb8e5246a7530"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3785
x-amz-id-2
29uB53jxlrkyxKffP6oh0NxPCmxHEP0AeLa6AThOPGnpOmEufGws5JfJVo2J0yXBqn5MIH+ue5g=
card6.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
10 KB
11 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card6.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7bdc1acbe9ecf5e8dab002dcef5b752673bc261803b5eec572944603794e8c50

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
75A4DC612A9F2421
ETag
"ff9d8b46690fb2175fe5c9d38c51ec8d"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10633
x-amz-id-2
5k+H1uhxydyKBYYCr37tbjl5/OTsl0jnSPlqru//eq2K06Gc/N6iva6/0NoNxvIa7XypyvOZrus=
card7.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
3 KB
3 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card7.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
886c92db7ceb63cb0407e9a968258e2e8130329be45182fbf44b4c5e57bf77f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
6E2D6364EFF07DE8
ETag
"11c29285fc9810e92d2332300ddf1285"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2979
x-amz-id-2
CrumuYV42JbrDYfeYW29XK3GDsbGcQpJhBjTk6DYCd4ldfNNaUELA2rjL7PGglUCH8R/dD6iing=
card8.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
6 KB
6 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/card8.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f0e7b0631f4cbd5a908b7b3059366a2c7626c84ec1990ff371071427fe41a78b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:07 GMT
Server
AmazonS3
x-amz-request-id
C986279606B84490
ETag
"543729b087c6a50033b75b673b78b2a8"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5703
x-amz-id-2
7xBsZYsGIoLT0yalNYV7vVff2SR4nkXR2QNQkNetOZw/iI3bewBBYea5coq29QYrlBlGS6XcB7c=
heart1.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
3 KB
3 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/heart1.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c4056832290f85c70008a5a87a837e1d8b7c954fcf2cbae5907da1a1d222e62

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:08 GMT
Server
AmazonS3
x-amz-request-id
2478335C7D42FEB1
ETag
"ffb8041798192506a1b13edd3d543a3a"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2741
x-amz-id-2
xdhwQ3YmLYN09lttkOabXL+IBFSrd4iMXHNf0pB0inj1Snc4of5y09VA7ONM5fJsxcSq6vP4jWA=
heart2.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
3 KB
3 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/heart2.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
35f4679aed4b96fecaf23d3111ee7e5356bd4efb3755050b5707ef6ec916c136

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:08 GMT
Server
AmazonS3
x-amz-request-id
9FE5FECDAC4E1168
ETag
"0eba9e201f7338d99e3fd12cfa3f46cb"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2836
x-amz-id-2
c82ZTcyy5y1swE0+g84IsHe5kytKkLVS9rfMhg9+IP30GxAl+ChLKXavM3xca5YYb0IPnWML2GE=
heart3.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
3 KB
3 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/heart3.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fc33a73ba848e0c1d2baa6954d41a4b6803dbc5c5f4ccfbc6182a512046eed26

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:08 GMT
Server
AmazonS3
x-amz-request-id
8241A4E3224698EC
ETag
"d742eb04e74c884a0afdb6bc1a654697"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2743
x-amz-id-2
ymE69/J5EFvxAfcHE0HOfuLR0UBF/ozzlAuEXDbl/8bFzQAM1PiwE+QMKado7zIF1E5Pk1XfhB4=
heart4.svg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
3 KB
3 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/heart4.svg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
15ecbef633667a0ef138eeb21ccae687cd5340dcc928f162b3b3e0d358d65711

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:08 GMT
Server
AmazonS3
x-amz-request-id
506F9335963E3F11
ETag
"201db6ae7fe1dc59e02bc570d70c29bb"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3089
x-amz-id-2
5nzOFYXex7jF0Vqt0RYBHbY6PUp2mfTINRZSL9nNFiAKXUq2HjOA1AXvKBF56nfXcAKmw1AA+og=
404
cdn-aimi.akamaized.net/
Redirect Chain
  • https://cdn-aimi.akamaized.net/images/poster_alt.jpg
  • https://cdn-aimi.akamaized.net/404
0
0
Image
General
Full URL
https://cdn-aimi.akamaized.net/404
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location
https://cdn-aimi.akamaized.net/404
Date
Thu, 16 Apr 2020 21:39:18 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
poster_alt.jpg
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
63 KB
63 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/poster_alt.jpg
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3d6d8f56220c5840f2a676f20af660bc774c22ba0df7c9f1b0b328742904e11a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:08 GMT
Server
AmazonS3
x-amz-request-id
DE72F6052FDAFB5E
ETag
"88e9bdf97b0226f25f1189916e997dcf"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64066
x-amz-id-2
qDfRO/49NuA4KA7eB8lZS38iJVjUMtGWWtG0KvWcJ4MD+8hdsO1yPRenZlBvrVmgnKDi5ztpXsY=
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700,800|Nunito:400,700,900&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05783d1ee31d048a2a751336a59f02b15048bbb3222a33ba6eba0f7d3fc814a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Apr 2020 21:39:18 GMT
server
ESF
date
Thu, 16 Apr 2020 21:39:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Apr 2020 21:39:18 GMT
dbl-subscriber.js
theseoffersforyou.com/pushjs/1.0.0/
17 KB
6 KB
Script
General
Full URL
https://theseoffersforyou.com/pushjs/1.0.0/dbl-subscriber.js
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:454c:f520:6db1:847:ac8a:9321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
35b24a7868838030ab11c4abcda75d24aa707383663ea6be1150eace06750bc6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 21:39:18 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2019 06:07:05 GMT
server
nginx
etag
W/"5d1af489-4554"
vary
Accept-Encoding
content-type
application/javascript
status
200
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: cdn-aimi.akamaized.net
URL: https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/jquery.min.js?1585926065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,700,800|Nunito:400,700,900&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://qbwjq.waitingfotyou.net

Response headers

date
Tue, 14 Apr 2020 10:46:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
211952
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13612
x-xss-protection
0
expires
Wed, 14 Apr 2021 10:46:46 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: cdn-aimi.akamaized.net
URL: https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/jquery.min.js?1585926065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,700,800|Nunito:400,700,900&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://qbwjq.waitingfotyou.net

Response headers

date
Mon, 13 Apr 2020 09:02:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
304585
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13708
x-xss-protection
0
expires
Tue, 13 Apr 2021 09:02:53 GMT
video_alt.mp4
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
33 KB
0
Media
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/video_alt.mp4
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
5C9E7A5AE47D6C8A
ETag
"4a013addd1bee9fe0e32e5fe672cd858"
Content-Type
video/mp4
Content-Range
bytes 0-1006963/1006964
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1006964
x-amz-id-2
lq85epMl2QOEaXI7esU/wUqmeydPa29Yp+Z4AloJyV6LWwarK3q8AyZxrSbGR+iS3fcFVqNOdEk=
getextparams
tdsjsext3.com/ExtService.svc/
561 B
860 B
XHR
General
Full URL
https://tdsjsext3.com/ExtService.svc/getextparams
Requested by
Host: cdn-aimi.akamaized.net
URL: https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/trls.js?1585926065
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.50.248.253 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
d44b94089db8232ba7f7414be99ee33246faca1604a1f12da977fa9f6bf6b49b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Server
nginx
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
561
video_alt.mp4
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
23 KB
24 KB
Media
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/video_alt.mp4
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
10a1b79fbdd82a81f7d730829785e3c068e03804d257b989c5a858049d315a16

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=983040-

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
5C9E7A5AE47D6C8A
ETag
"4a013addd1bee9fe0e32e5fe672cd858"
Content-Type
video/mp4
Content-Range
bytes 983040-1006963/1006964
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23924
x-amz-id-2
lq85epMl2QOEaXI7esU/wUqmeydPa29Yp+Z4AloJyV6LWwarK3q8AyZxrSbGR+iS3fcFVqNOdEk=
video_alt.mp4
cdn-aimi.akamaized.net/landings/188131/1585926065/images/
940 KB
0
Media
General
Full URL
https://cdn-aimi.akamaized.net/landings/188131/1585926065/images/video_alt.mp4
Requested by
Host: qbwjq.waitingfotyou.net
URL: https://qbwjq.waitingfotyou.net/c/da57dc555e50572d?s1=14933&s2=1091512&j1=1&j3=1&j5=70&j7=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.53.40.34 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-53-40-34.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=32768-

Response headers

Date
Thu, 16 Apr 2020 21:39:18 GMT
Last-Modified
Fri, 03 Apr 2020 15:01:09 GMT
Server
AmazonS3
x-amz-request-id
5C9E7A5AE47D6C8A
ETag
"4a013addd1bee9fe0e32e5fe672cd858"
Content-Type
video/mp4
Content-Range
bytes 32768-1006963/1006964
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974196
x-amz-id-2
lq85epMl2QOEaXI7esU/wUqmeydPa29Yp+Z4AloJyV6LWwarK3q8AyZxrSbGR+iS3fcFVqNOdEk=
lang-config.js
theseoffersforyou.com/pushjs/1.0.0/config/
8 KB
2 KB
Script
General
Full URL
https://theseoffersforyou.com/pushjs/1.0.0/config/lang-config.js
Requested by
Host: theseoffersforyou.com
URL: https://theseoffersforyou.com/pushjs/1.0.0/dbl-subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:454c:f520:6db1:847:ac8a:9321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 21:39:18 GMT
content-encoding
gzip
last-modified
Wed, 24 Oct 2018 10:47:44 GMT
server
nginx
etag
W/"5bd04dd0-1ead"
vary
Accept-Encoding
content-type
application/javascript
status
200
dbl-style.css
theseoffersforyou.com/css/
2 KB
723 B
Stylesheet
General
Full URL
https://theseoffersforyou.com/css/dbl-style.css
Requested by
Host: cdn-aimi.akamaized.net
URL: https://cdn-aimi.akamaized.net/landings/188131/1585926065/js/jquery.min.js?1585926065
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:454c:f520:6db1:847:ac8a:9321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
f51f245a44fe091a07a08b3b359d48d15896861beb0a81e03a87a5df8a49f755

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 21:39:18 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 06:56:47 GMT
server
nginx
etag
W/"5af3ed2f-6ae"
vary
Accept-Encoding
content-type
text/css
status
200
en
theseoffersforyou.com/api/subscribe/first-popup/cid/70/lang/
586 B
796 B
Fetch
General
Full URL
https://theseoffersforyou.com/api/subscribe/first-popup/cid/70/lang/en
Requested by
Host: theseoffersforyou.com
URL: https://theseoffersforyou.com/pushjs/1.0.0/dbl-subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:454c:f520:6db1:847:ac8a:9321 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
7df80ba1dd16b3fbf42c9db35ba9698d334ff5d7a8ac6bdea081c0f3b1580581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Authorization
Basic YWRtaW46cGFzcw==
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 16 Apr 2020 21:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-max-age
180
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type
expires
0


47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _push function| $ function| jQuery function| Swiper function| docReady number| chromeVersion boolean| exit object| _pcq object| Modernizr object| jQuery111306286473256963045 string| authParty string| apiServerUrl object| pushTrackData object| pushPopup string| cid function| getFirstPopUP function| validateAndShowPopUP function| getPushDomain function| clickNotification function| closeNotificationPopup function| showNotification function| showDefaultNotification function| showСustomNotification function| showMobileCustomNotification function| setCookie function| getCookie function| getUrlParams function| openChildWindow function| fillTrackDataUrlParams function| getTrackDataUrlParams function| include function| isPushSupportedOnBrowser function| isDefaultAndroidBrowser function| retry function| isIE10OrLater function| detectPrivateMode function| getBrowserInfo function| getDeviceType function| getLanguage object| defaultFirstPopupJson function| resolveCidByPid object| langConf function| getLangConf object| langConfigMap function| isBrowserOnCidExclude

3 Cookies

Domain/Path Name / Value
qbwjq.waitingfotyou.net/ Name: unique_id
Value: 5e5240853af04187753300
qbwjq.waitingfotyou.net/ Name: scriptHash
Value: 49415_14933_1091512
qbwjq.waitingfotyou.net/ Name: unique_2843659
Value: unique_2843659

1 Console Messages

Source Level URL
Text
console-api log URL: https://theseoffersforyou.com/pushjs/1.0.0/dbl-subscriber.js(Line 1)
Message: Push isn't supported on this browser

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
