Submitted URL: http://paperhelpers.org/
Effective URL: https://www.gearbest.com/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736
Submission: On April 21 via manual from US

Summary

This website contacted 9 IPs in 6 countries across 10 domains to perform 55 HTTP transactions. The main IP is 23.5.109.95, located in Amsterdam, Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.gearbest.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 9th 2019. Valid for: a year.
This is the only time www.gearbest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address        AS Autonomous System
10        1          37.1.218.152      50673 (SERVERIUS-AS)
2         -          151.139.242.29    12989 (HWNG)
1         -          2a00:1450:400...  15169 (GOOGLE)
1         -          185.141.27.248    60117 (HS)
1         1          94.198.55.227     56694 (DHUB)
1         1          2606:4700:30:...  13335 (CLOUDFLAR...)
7         -          2606:4700:30:...  13335 (CLOUDFLAR...)
2         1          188.72.215.43     35415 (WEBZILLA)
1         -          188.42.160.80     35415 (WEBZILLA)
1         -          23.5.109.95       16625 (AKAMAI-AS)
55 requests, 9 IPs
Requests  Domain                 Redirects  Requested by
10        paperhelpers.org       1          paperhelpers.org
7         donotifyfriends.info   -          paperhelpers.org, donotifyfriends.info
2         adaranth.com           1          donotifyfriends.info
2         images.dmca.com        -          paperhelpers.org
1         www.gearbest.com       -          adaranth.com
1         my.rtmark.net          -          adaranth.com
1         notifymepush.info      1          -
1         www.adrequestnow.info  1          -
1         bemylittleteddy.info   -          paperhelpers.org
1         ajax.googleapis.com    -          paperhelpers.org
55 requests, 10 domains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
paperhelpers.org       RapidSSL RSA CA 2018                            2018-06-27 - 2019-06-27  a year
images.dmca.com        Go Daddy Secure Certificate Authority - G2      2018-02-01 - 2020-04-04  2 years
*.googleapis.com       Google Internet Authority G3                    2019-03-26 - 2019-06-18  3 months
bemylittleteddy.info   Let's Encrypt Authority X3                      2019-04-16 - 2019-07-15  3 months
sni.cloudflaressl.com  CloudFlare Inc ECC CA-2                         2019-03-25 - 2020-03-25  a year
adaranth.com           Sectigo RSA Domain Validation Secure Server CA  2019-03-05 - 2020-03-04  a year
my.rtmark.net          RapidSSL RSA CA 2018                            2018-04-05 - 2019-05-05  a year
*.gearbest.com         DigiCert SHA2 Secure Server CA                  2019-02-09 - 2020-05-10  a year

This page contains 1 frames:

Primary Page: https://www.gearbest.com/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736
Frame ID: EBDC680C495A250C8DF4DB424952CB75
Requests: 55 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

Requests: 55
HTTPS: 42 %
IPv6: 30 %
Domains: 10
Subdomains: 10
IPs: 9
Countries: 6
Transfer: 256 kB
Size: 567 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paperhelpers.org/ HTTP 301
    https://paperhelpers.org/ Page URL
  2. https://bemylittleteddy.info/coutdown?source=007& Page URL
  3. https://www.adrequestnow.info/ad-request?source=567568 HTTP 302
    https://notifymepush.info/rs/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789 HTTP 302
    https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789 Page URL
  4. https://adaranth.com/afu.php?zoneid=2565572&utm_source=dao_not_support Page URL
  5. https://adaranth.com/?z=2565572 HTTP 302
    https://www.gearbest.com/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://paperhelpers.org/ HTTP 301
  • https://paperhelpers.org/
Request Chain 45
  • https://www.adrequestnow.info/ad-request?source=567568 HTTP 302
  • https://notifymepush.info/rs/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789 HTTP 302
  • https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789

55 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
/
paperhelpers.org/
Redirect Chain
  • http://paperhelpers.org/
  • https://paperhelpers.org/
40 KB
13 KB
Document
General
Full URL
https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
6442c8a096092f8aeedb71111d6ce0b403074ab179690b6247f83b6c22b94596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Host
paperhelpers.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=31536000; preload
Vary
Accept-Encoding
Last-Modified
Sun, 21 Apr 2019 20:28:35 GMT
ETag
"30ea-58710323e667e"
Accept-Ranges
bytes
Content-Length
12522
Connection
keep-alive, Keep-Alive
Referrer-Policy
Keep-Alive
timeout=5, max=100
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip

Redirect headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Server
Apache/2.4.25 (Debian)
Location
https://paperhelpers.org/
Content-Length
315
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
855d4.css
paperhelpers.org/wp-content/cache/minify/
66 KB
10 KB
Stylesheet
General
Full URL
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
9c9d8c0c8921cdf6fe32a27f90e9ca327bce38f74e4ab69fa7a5c50ed90ed450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://paperhelpers.org/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sun, 21 Apr 2019 13:23:00 GMT
Server
Apache/2.4.25 (Debian)
ETag
"280f-5870a403a719b"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10255
phone.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
logo.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
logo_header-m.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
trust.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-1.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-2.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-3.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-4.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-5.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-6.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
save.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
logo_footer.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
phone-footer.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
cards.png  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0

dmca_protected_24_120.png
images.dmca.com/Badges/
5 KB
6 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca_protected_24_120.png?ID=ac034ff9-69ef-4f18-a259-b88e0eec51a3
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
9974cdeee7b7fb76cdfbc4b2c9394a780cbea6a31d529a6d4a845eb6523cd5d9

Request headers

Referer
https://paperhelpers.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 21 Apr 2019 20:33:45 GMT
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.cloudapp.net/Badges/dmca_protected_24_120.png>; rel="canonical"
content-length
5430
expires
Tue, 21 May 2019 20:33:45 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/
852 B
1 KB
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
8464f9a28062d00fd300538f9e93fad38faa64b9751db49b28911b9b6cceafdd

Request headers

Referer
https://paperhelpers.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 21 Apr 2019 20:33:45 GMT
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/zip
status
200
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.cloudapp.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
852
expires
Tue, 21 May 2019 20:32:57 GMT
guarantee.png  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0
header_award.png  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0
logo_footer-m.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paperhelpers.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 22:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3795422
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33507
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Mar 2020 22:16:43 GMT
crm-widget.php  paperhelpers.org/  0  0
5243c.js  paperhelpers.org/wp-content/cache/minify/  0  0

first-screen-bg.jpg
paperhelpers.org/wp-content/themes/paperhelpers-ux/images/
25 KB
25 KB
Image
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/first-screen-bg.jpg
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Referrer-Policy
Last-Modified
Tue, 26 Mar 2019 21:05:29 GMT
Server
Apache/2.4.25 (Debian)
ETag
"6416-58505ae4b18be"
Vary
Accept-Encoding
Connection
keep-alive, Keep-Alive
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
25622
pas-1.svg
paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/
10 KB
4 KB
Image
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/pas-1.svg
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache/2.4.25 (Debian)
ETag
"2731-58256d130fc00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4058
pas-2.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
pas-3.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
service-1.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
service-2.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
service-3.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
service-4.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
reasons-bg.jpg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0
rating-half.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
rating-full.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
rating-half-four.svg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/  0  0
subscribe-bg.jpg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0
down.png  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0
text-bg.jpg  paperhelpers.org/wp-content/themes/paperhelpers-ux/images/  0  0

MuseoSansCyrl-500.woff
paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/
44 KB
44 KB
Font
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/MuseoSansCyrl-500.woff
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Origin
https://paperhelpers.org
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache/2.4.25 (Debian)
ETag
"b060-5553e1d739280-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44928
MuseoSansCyrl-900.woff
paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/
0
355 B
Font
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/MuseoSansCyrl-900.woff
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Origin
https://paperhelpers.org
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Referrer-Policy
Server
Apache/2.4.25 (Debian)
ETag
"0-5553e1d739280"
Vary
Accept-Encoding
Content-Type
application/font-woff
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
0
MuseoSansCyrl-300.woff
paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/
44 KB
0
Font
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/MuseoSansCyrl-300.woff
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Origin
https://paperhelpers.org
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache/2.4.25 (Debian)
ETag
"aeb4-5553e1d921700-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44519
MuseoSansCyrl-700.woff
paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/
44 KB
44 KB
Font
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/MuseoSansCyrl-700.woff
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Origin
https://paperhelpers.org
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache/2.4.25 (Debian)
ETag
"b018-5553e1d739280-gzip"
Vary
Accept-Encoding
Content-Type
application/font-woff
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44729
coutdown
bemylittleteddy.info/
2 KB
690 B
Document
General
Full URL
https://bemylittleteddy.info/coutdown?source=007&
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.141.27.248 , Netherlands, ASN60117 (HS, AE),
Reverse DNS
srv26.legnoass.com
Software
nginx / PHP/5.6.40
Resource Hash
b1730d0be5b2916018cbc4248333ff13bbeeec3cb0e541091771c7797ff04d12

Request headers

Host
bemylittleteddy.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://paperhelpers.org/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
Access-Control-Allow-Origin
*
Content-Encoding
gzip
MuseoSansCyrl-900.ttf
paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/
64 KB
0
Font
General
Full URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/fonts/museoSans/MuseoSansCyrl-900.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.218.152 , Germany, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Origin
https://paperhelpers.org
Accept-Encoding
gzip, deflate, br
Host
paperhelpers.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://paperhelpers.org/wp-content/cache/minify/855d4.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 21 Apr 2019 20:33:45 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache/2.4.25 (Debian)
ETag
"1efe4-5553e1d739280-gzip"
Vary
Accept-Encoding
Content-Type
application/x-font-ttf
Connection
keep-alive, Keep-Alive
Strict-Transport-Security
max-age=31536000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
43916
1088
donotifyfriends.info/r/bot/
Redirect Chain
  • https://www.adrequestnow.info/ad-request?source=567568
  • https://notifymepush.info/rs/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
  • https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
2 KB
1 KB
Document
General
Full URL
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Requested by
Host: paperhelpers.org
URL: https://paperhelpers.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca603679583e6cee9cf484e0d9f6687b557dcba4900e966d6d5b54f5ca2cf0b

Request headers

:method
GET
:authority
donotifyfriends.info
:scheme
https
:path
/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://bemylittleteddy.info/coutdown?source=007&
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 21 Apr 2019 20:33:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; expires=Mon, 20-Apr-20 20:33:46 GMT; path=/; domain=.donotifyfriends.info; HttpOnly PHPSESSID=9c2nep355l4sjkev82p45idhjb; path=/; HttpOnly _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4cb222893b7fc2f6-FRA
content-encoding
br

Redirect headers

status
302
date
Sun, 21 Apr 2019 20:33:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2fd426a0521b01bbdcca339521c9dad81555878826; expires=Mon, 20-Apr-20 20:33:46 GMT; path=/; domain=.notifymepush.info; HttpOnly PHPSESSID=5gmet8ck06dfq6pfl5i8rveb3q; path=/; HttpOnly pushca-unq=c69d470407927f8864031ea30406f60d64880dde0945dbe994a0015e0980257ea%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22pushca-unq%22%3Bi%3A1%3Bs%3A3%3A%22yes%22%3B%7D; expires=Mon, 22-Apr-2019 20:33:46 GMT; Max-Age=86400; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4cb222883d3ac26f-FRA
main.css
donotifyfriends.info/media/landings/bot/css/
2 KB
879 B
Stylesheet
General
Full URL
https://donotifyfriends.info/media/landings/bot/css/main.css?b=4
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e06ee613bbeaa6151ee50b34740cc224973d52374dc6071caf6621047fe020

Request headers

:path
/media/landings/bot/css/main.css?b=4
pragma
no-cache
cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; PHPSESSID=9c2nep355l4sjkev82p45idhjb; _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
donotifyfriends.info
referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
:scheme
https
:method
GET

Response headers

date
Sun, 21 Apr 2019 20:33:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2019 10:54:48 GMT
server
cloudflare
etag
W/"5c94bef8-7d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4cb22289dd50c2f6-FRA
expires
Mon, 22 Apr 2019 00:33:46 GMT
push-wrap.js
donotifyfriends.info/
38 KB
6 KB
Script
General
Full URL
https://donotifyfriends.info/push-wrap.js?b=8
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29fcab38f97ecdcfd8920d873ccc18044e7699ff4b6cbd9280f8f2312a625f53

Request headers

:path
/push-wrap.js?b=8
pragma
no-cache
cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; PHPSESSID=9c2nep355l4sjkev82p45idhjb; _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
donotifyfriends.info
referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
:scheme
https
:method
GET

Response headers

date
Sun, 21 Apr 2019 20:33:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Apr 2019 12:46:00 GMT
server
cloudflare
etag
W/"5cb87188-9965"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4cb22289dd51c2f6-FRA
expires
Mon, 22 Apr 2019 00:33:46 GMT
block.js
donotifyfriends.info/
142 B
267 B
Script
General
Full URL
https://donotifyfriends.info/block.js?b=4
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b8e33e29528d52649a476908377defe05da7bdfb68a708eea2e18aac42ab1e

Request headers

:path
/block.js?b=4
pragma
no-cache
cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; PHPSESSID=9c2nep355l4sjkev82p45idhjb; _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
donotifyfriends.info
referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
:scheme
https
:method
GET

Response headers

date
Sun, 21 Apr 2019 20:33:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Mar 2019 15:01:57 GMT
server
cloudflare
etag
W/"5c98ed65-8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4cb22289dd53c2f6-FRA
expires
Mon, 22 Apr 2019 00:33:46 GMT
robo_img.jpg
donotifyfriends.info/media/landings/bot/images/
55 KB
55 KB
Image
General
Full URL
https://donotifyfriends.info/media/landings/bot/images/robo_img.jpg?b=7
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb76ad4df4955a59eba562da8ecd65412138bd1ab5212fe0f55235baf2a83089

Request headers

:path
/media/landings/bot/images/robo_img.jpg?b=7
pragma
no-cache
cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; PHPSESSID=9c2nep355l4sjkev82p45idhjb; _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
donotifyfriends.info
referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
:scheme
https
:method
GET

Response headers

date
Sun, 21 Apr 2019 20:33:46 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2019 10:54:48 GMT
server
cloudflare
etag
"5c94bef8-dcad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4cb22289dd55c2f6-FRA
content-length
56493
expires
Mon, 22 Apr 2019 00:33:46 GMT
main.js
donotifyfriends.info/media/landings/bot/js/
637 B
315 B
Script
General
Full URL
https://donotifyfriends.info/media/landings/bot/js/main.js?b=4
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc264d9c67154d6af02f2162bde9a8d15e8ed19b0d36173fdf4428bf37d35d4

Request headers

:path
/media/landings/bot/js/main.js?b=4
pragma
no-cache
cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; PHPSESSID=9c2nep355l4sjkev82p45idhjb; _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
donotifyfriends.info
referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
:scheme
https
:method
GET

Response headers

date
Sun, 21 Apr 2019 20:33:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2019 10:54:48 GMT
server
cloudflare
etag
W/"5c94bef8-27d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4cb22289dd57c2f6-FRA
expires
Mon, 22 Apr 2019 00:33:46 GMT
push.js
donotifyfriends.info/
20 KB
4 KB
Script
General
Full URL
https://donotifyfriends.info/push.js?b=8
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/push-wrap.js?b=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:10d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/push.js?b=8
pragma
no-cache
cookie
__cfduid=d3a5d0f1f913493351f1991711b4c9e9c1555878826; PHPSESSID=9c2nep355l4sjkev82p45idhjb; _csrf=a869bbdcbf3ea7536f22bac799316c6cce6bc7ba4e1d5a910466adf059cdd16aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22qPig25v8zAbO9E5En7JjdZJ1H2Z2XHFX%22%3B%7D
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
donotifyfriends.info
referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
:scheme
https
:method
GET

Response headers

date
Sun, 21 Apr 2019 20:33:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Feb 2019 09:14:13 GMT
server
cloudflare
etag
W/"5c6d1a65-4e5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4cb22289fdd1c2f6-FRA
expires
Mon, 22 Apr 2019 00:33:46 GMT
Cookie set afu.php
adaranth.com/
11 KB
5 KB
Document
General
Full URL
https://adaranth.com/afu.php?zoneid=2565572&utm_source=dao_not_support
Requested by
Host: donotifyfriends.info
URL: https://donotifyfriends.info/push-wrap.js?b=8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.215.43 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
06f9a7a5bb5ceae681e93e7b7287f54a9b63fa74df96431c040d07bb156f7781
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
adaranth.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://donotifyfriends.info/r/bot/1088?count=5&declCount=3&fullScreenMode=enabled&utm_source=count789
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Sun, 21 Apr 2019 20:33:46 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
99704a5dda3d0f2753291926c933f9f5
Set-Cookie
OAID=20dc2d300f184700bb57a9020bf31d34; expires=Mon, 20 Apr 2020 20:33:46 GMT oaidts=1555878826; expires=Mon, 20 Apr 2020 20:33:46 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
Content-Encoding
gzip
img.gif
my.rtmark.net/
43 B
366 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=20dc2d300f184700bb57a9020bf31d34
Requested by
Host: adaranth.com
URL: https://adaranth.com/afu.php?zoneid=2565572&utm_source=dao_not_support
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.80 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://adaranth.com/afu.php?zoneid=2565572&utm_source=dao_not_support
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 21 Apr 2019 20:33:46 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
image/gif
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Primary Request promotion-Life-Essentials-Gadgets-special-2811.html
www.gearbest.com/
Redirect Chain
  • https://adaranth.com/?z=2565572
  • https://www.gearbest.com/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736
345 B
578 B
Document
General
Full URL
https://www.gearbest.com/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736
Requested by
Host: adaranth.com
URL: https://adaranth.com/afu.php?zoneid=2565572&utm_source=dao_not_support
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.109.95 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-109-95.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
e402e45d8abbe85317575ec380c8728f0f2155fb5942c3feb7c77b7db8611be7

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://adaranth.com/afu.php?zoneid=2565572&var=2565572&rid=wfxzsvAkbQDjdtH2xjZy_Q%3D%3D
accept-encoding
gzip, deflate, br
Origin
https://adaranth.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://adaranth.com/afu.php?zoneid=2565572&var=2565572&rid=wfxzsvAkbQDjdtH2xjZy_Q%3D%3D

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
345
cache-control
max-age=60
expires
Sun, 21 Apr 2019 20:34:46 GMT
date
Sun, 21 Apr 2019 20:33:46 GMT
set-cookie
AKAM_CLIENTID=8bdbc4d341c2e2e22e104dd1265309f0; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com
vary
User-Agent

Redirect headers

Server
nginx
Date
Sun, 21 Apr 2019 20:33:46 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://adaranth.com
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
731d4bbd9659322ff7a75ddc8379a291
Location
https://www.gearbest.com/promotion-Life-Essentials-Gadgets-special-2811.html?lkid=20320643&cid=143928836898164736
Set-Cookie
OAID=20dc2d300f184700bb57a9020bf31d34; expires=Mon, 20 Apr 2020 20:33:46 GMT oaidts=1555878826; expires=Mon, 20 Apr 2020 20:33:46 GMT OXCCLK=1958749.1; expires=Mon, 20 Apr 2020 20:33:46 GMT allcnt=1; expires=Mon, 20 Apr 2020 20:33:46 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/phone.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/logo.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/logo_header-m.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/trust.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/reasons-1.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/reasons-2.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/reasons-3.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/reasons-4.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/reasons-5.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/reasons-6.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/save.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/logo_footer.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/phone-footer.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/cards.png
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/guarantee.png
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/header_award.png
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/logo_footer-m.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/crm-widget.php
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/cache/minify/5243c.js
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/pas-2.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/pas-3.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/service-1.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/service-2.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/service-3.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/service-4.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/reasons-bg.jpg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/rating-half.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/rating-full.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/svg/rating-half-four.svg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/subscribe-bg.jpg
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/down.png
Domain
paperhelpers.org
URL
https://paperhelpers.org/wp-content/themes/paperhelpers-ux/images/text-bg.jpg

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
.gearbest.com/ Name: AKAM_CLIENTID
Value: 8bdbc4d341c2e2e22e104dd1265309f0

3 Console Messages

Source Level URL
Text
console-api log URL: https://donotifyfriends.info/push-wrap.js?b=8(Line 601)
Message:
manifest already
console-api log URL: https://donotifyfriends.info/push.js?b=8(Line 111)
Message:
Service worker notification not supported
console-api error URL: https://donotifyfriends.info/push.js?b=8(Line 105)
Message:
Push notification are not supported in this browser; Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
