lhcontinuum.co Open in urlscan Pro
2606:4700:3031::681c:1d98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp
Effective URL:
https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_ev...
Submission: On April 09 via manual (April 9th 2020, 6:54:02 am UTC) from FR

Summary HTTP 36 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3031::681c:1d98, located in United States and belongs to CLOUDFLARENET, US. The main domain is lhcontinuum.co.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 10th 2019. Valid for: 10 months.

This is the only time lhcontinuum.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a05:d018:88e... 2a05:d018:88e:df10:fc38:7d04:db6c:e2ef	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:483... 2a05:d018:483:6120:a203:aa46:f480:7060	16509 (AMAZON-02) (AMAZON-02)
3 6	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:303... 2606:4700:3031::681c:1d98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1 2	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	136.243.99.224 136.243.99.224	24940 (HETZNER-AS) (HETZNER-AS)
36	10

2 2a05:d018:88e:df10:fc38:7d04:db6c:e2ef (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

www.cdgrag.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6120:a203:aa46:f480:7060 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.202.12.61 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

www.abgaming.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heroes.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3031::681c:1d98 (United States)

ASN13335 (CLOUDFLARENET, US)

lhcontinuum.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.115.4 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.99.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.99.243.136.clients.your-server.de

is.traffic.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	lhcontinuum.co lhcontinuum.co	504 KB
6	gstatic.com fonts.gstatic.com	39 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	80 KB
5	abgaming.biz 2 redirects www.abgaming.biz	4 KB
2	traffic.gg is.traffic.gg	68 KB
2	ad-score.com 1 redirects data.ad-score.com	712 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	cdgrag.site 1 redirects www.cdgrag.site	6 KB
1	go2cloud.org 1 redirects heroes.go2cloud.org	2 KB
1	gdmconvtrck.com gdmconvtrck.com	1 KB
36	10

	Domain	Requested by
14	lhcontinuum.co	www.abgaming.biz lhcontinuum.co
6	fonts.gstatic.com	lhcontinuum.co
6	dev.visualwebsiteoptimizer.com	lhcontinuum.co dev.visualwebsiteoptimizer.com
5	www.abgaming.biz	2 redirects gdmconvtrck.com
2	is.traffic.gg	lhcontinuum.co
2	data.ad-score.com	1 redirects lhcontinuum.co
2	www.cdgrag.site	1 redirects
1	ajax.googleapis.com	lhcontinuum.co
1	fonts.googleapis.com	lhcontinuum.co
1	heroes.go2cloud.org	1 redirects
1	gdmconvtrck.com	www.cdgrag.site
36	11

This site contains links to these domains. Also see Links.

Domain
www.lotteryheroes.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-10` - `2020-10-09`	10 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2017-06-30` - `2020-07-06`	3 years	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2019-09-02` - `2020-11-01`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
is.traffic.gg Let's Encrypt Authority X3	`2020-03-29` - `2020-06-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Frame ID: 03AE7E440AA66E780F78F16D7858D2F3
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp Page URL
http://www.cdgrag.site/?a=96022&c=216024&oc=105126&sr=t&s2=391mfjtc1rp&vt=1586415218531&h=9e019767e... HTTP 302
http://www.abgaming.biz/aff_c?offer_id=522&aff_id=1355&aff_sub=5b07f58e85094a3fafac683cd7ca134c1354e... HTTP 302
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%... Page URL
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=2&url=http%3A%2F%2Fheroes.go2cl... Page URL
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=3&url=http%3A%2F%2Fheroes.go2cl... HTTP 302
http://heroes.go2cloud.org/aff_c?offer_id=4&aff_id=43960&aff_sub=102d176ca238a98b597a7d8fab5d44&aff_sub... HTTP 302
https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Matomo (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /piwik\.js|piwik\.php/i

Visual Website Optimizer (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /dev\.visualwebsiteoptimizer\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

36
Requests

86 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

727 kB
Transfer

1152 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lotteryheroes.com/cz/signup?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Title: Přidejte se nyní

Search URL Search Domain Scan URL

URL: https://www.lotteryheroes.com/cz/cart?pack=(27-1)&affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt=%7Bpxt%7D&purl=%7Bpurl%7D
Title:

Search URL Search Domain Scan URL

URL: https://www.lotteryheroes.com/cz/about/terms-and-conditions?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Title: Smluvními podmínkami

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp Page URL
http://www.cdgrag.site/?a=96022&c=216024&oc=105126&sr=t&s2=391mfjtc1rp&vt=1586415218531&h=9e019767eac3398e29179cd47b731b4498dfe994&req=http%3A%2F%2Fwww.cdgrag.site%2F%3Fa%3D96022%26c%3D216024%26s2%3D391mfjtc1rp&us=bc76bf25ee304ce389b5ea0c9e6d2bc3 HTTP 302
http://www.abgaming.biz/aff_c?offer_id=522&aff_id=1355&aff_sub=5b07f58e85094a3fafac683cd7ca134c1354e&aff_sub2=96022 HTTP 302
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455 Page URL
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=2&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455 Page URL
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=3&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455 HTTP 302
http://heroes.go2cloud.org/aff_c?offer_id=4&aff_id=43960&aff_sub=102d176ca238a98b597a7d8fab5d44&aff_sub2=1355 HTTP 302
https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.cdgrag.site/?a=96022&c=216024&oc=105126&sr=t&s2=391mfjtc1rp&vt=1586415218531&h=9e019767eac3398e29179cd47b731b4498dfe994&req=http%3A%2F%2Fwww.cdgrag.site%2F%3Fa%3D96022%26c%3D216024%26s2%3D391mfjtc1rp&us=bc76bf25ee304ce389b5ea0c9e6d2bc3 HTTP 302
http://www.abgaming.biz/aff_c?offer_id=522&aff_id=1355&aff_sub=5b07f58e85094a3fafac683cd7ca134c1354e&aff_sub2=96022 HTTP 302
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455

Request Chain 18

https://data.ad-score.com/img?pid=1000583&tid=&l1=&l2=&l3=&l4=&l5=&l6=&l7=&cb=0.10164440646015271 HTTP 302
https://data.ad-score.com/gmi

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
www.cdgrag.site/ 2 KB
1 KB 153ms
49ms Document
text/html 2a05:d018:88e:df10:fc38:7d04:db6c:e2ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp
Protocol: HTTP/1.1
Server: 2a05:d018:88e:df10:fc38:7d04:db6c:e2ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1845628fb7353b0ed9b119d4f6c32dccabe95a155938c613bd18e263f1e2933c

Request headers

Host: www.cdgrag.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 09 Apr 2020 06:53:38 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding: gzip

GET
H/1.1 200
OK trck Show response
gdmconvtrck.com/ 1 KB
1 KB 71ms
30ms Script
text/javascript 2a05:d018:483:6120:a203:aa46:f480:7060
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://gdmconvtrck.com/trck
Requested by: Host: www.cdgrag.site
URL: http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp
Protocol: HTTP/1.1
Server: 2a05:d018:483:6120:a203:aa46:f480:7060 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 410b8ce079b31e64079f6c963359e4c7555977f1d4057f89dc828cf187b7055c

Request headers

Referer: http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Apr 2020 06:53:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Expires: Sat, 1 May 2020 12:00:00 GMT

GET
H/1.1

200
OK

aff_r Show response
www.abgaming.biz/
Redirect Chain

http://www.cdgrag.site/?a=96022&c=216024&oc=105126&sr=t&s2=391mfjtc1rp&vt=1586415218531&h=9e019767eac3398e29179cd47b731b4498dfe994&req=http%3A%2F%2Fwww.cdgrag.site%2F%3Fa%3D96022%26c%3D216024%26s2%...
http://www.abgaming.biz/aff_c?offer_id=522&aff_id=1355&aff_sub=5b07f58e85094a3fafac683cd7ca134c1354e&aff_sub2=96022
http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urla...

294 B
632 B

61ms
60ms

Document
text/html

18.202.12.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Requested by: Host: gdmconvtrck.com
URL: http://gdmconvtrck.com/trck
Protocol: HTTP/1.1
Server: 18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 836007f19b693ab74227e58e6bad02c71aacfd33e0370795a4c3e38c4445a949

Request headers

Host: www.abgaming.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.cdgrag.site/?a=96022&c=216024&s2=391mfjtc1rp

Response headers

Server: nginx/1.16.1
Date: Thu, 09 Apr 2020 06:53:38 GMT
Content-Type: text/html
Content-Length: 294
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
X-Request-Id: fdadd92cc47d608532616212aa9b995b

Redirect headers

Server: nginx/1.16.1
Date: Thu, 09 Apr 2020 06:53:38 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 404
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
tracking_id: 102d176ca238a98b597a7d8fab5d44
Location: /aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Set-Cookie: enc_aff_session_522=ENC03aedd34a3dfcf4f5949cb72883871c8f8508030682aadfef3386f56d344dcdfe9016310bde4657f09f2fb41dafaa5366c0dbf5e7bb4887354d3f25cd7f0c7f58d6561d1204844c3b4429461830829d02eedca941134ddf5ba8353905ee66fcdcea1bbb81160488f70d58df63f5ffb4d1d3bc59bd803f9b56c40b7de49ff8990887dc1daff57cb0829dae70ea678726be4564e43fbb05d2bd88e733b3946e7461fdaa991c3bc83155d0a18fd744f0ce943d2ff4d52a5da6b49e9391eb1d8c3efe5b0a96716eb1fd28dbf113433fa8e62dc82fa5ff5ae8faa4eb4bcb5f6e045f70b27319bdd; expires=Sat, 09 May 2020 06:53:38 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Sat, 04 Mar 2023 17:33:38 GMT; path=/; SameSite=None; Secure
P3P: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
X-Request-Id: 559d103c3fe6d5828e25866c95d195a6

GET
H/1.1 200
OK aff_r
www.abgaming.biz/ 0
552 B 61ms
61ms Document
text/plain 18.202.12.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=1&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Protocol: HTTP/1.1
Server: 18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Host: www.abgaming.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455

Response headers

Server: nginx/1.16.1
Date: Thu, 09 Apr 2020 06:53:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
refresh: 0;url=/aff_r?offer_id=522&aff_id=1355&redirect_pass=2&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Access-Control-Allow-Origin: *
X-Request-Id: 26e762bae03914bc282bc534cade4ec1

GET
H/1.1 200
OK aff_r Show response
www.abgaming.biz/ 625 B
963 B 61ms
60ms Document
text/html 18.202.12.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=2&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Protocol: HTTP/1.1
Server: 18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 9fe8afa33ea2ef33410be8e76421981d74217f906ab319cbfc65e52156f4eec0

Request headers

Host: www.abgaming.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=1&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=1&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455

Response headers

Server: nginx/1.16.1
Date: Thu, 09 Apr 2020 06:53:38 GMT
Content-Type: text/html
Content-Length: 625
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
X-Request-Id: 400ee770ea159412631dc394d4af62e3

GET
H2

200

Primary Request index.php Show response
lhcontinuum.co/cz/
Redirect Chain

http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=3&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_...
http://heroes.go2cloud.org/aff_c?offer_id=4&aff_id=43960&aff_sub=102d176ca238a98b597a7d8fab5d44&aff_sub2=1355
https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

9 KB
3 KB

221ms
177ms

Document
text/html

2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Requested by: Host: www.abgaming.biz
URL: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=2&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.16
Resource Hash: 5ad25f59b446a373411e9890843c17f2ab5ef0e7c8527e724e91638151d41ede

Request headers

:method: GET
:authority: lhcontinuum.co
:scheme: https
:path: /cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.abgaming.biz/aff_r?offer_id=522&aff_id=1355&redirect_pass=2&url=http%3A%2F%2Fheroes.go2cloud.org%2Faff_c%3Foffer_id%3D4%26aff_id%3D43960%26aff_sub%3D102d176ca238a98b597a7d8fab5d44%26aff_sub2%3D1355&urlauth=806534031263571684670869733455

Response headers

status: 200
date: Thu, 09 Apr 2020 06:53:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d521c9b523035d7eef7290fc3cddca9c01586415219; expires=Sat, 09-May-20 06:53:39 GMT; path=/; domain=.lhcontinuum.co; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.3.16
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58124ff07b1f63b3-FRA
content-encoding: br

Redirect headers

Server: nginx/1.16.1
Date: Thu, 09 Apr 2020 06:53:39 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 367
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
tracking_id: 1028df9915925c7caa21d9a490aa18
Location: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Set-Cookie: enc_aff_session_5=ENC03462e231b47ab114d6a9d4224961e79794116e9d78d3598c1c43a5bd15177fa3c9ebbbd89f4bdfe3651a24cb508f0c0fcd31557862492ee65bcdb38a12e8c4792834b5befbd8dad180a312766c7b15d309ed06a7f0873f31ecc5a15956d2858d398adbd931ea85caa37352da8ecf296d0546b9f1aac8427b76e81e3715954c3daebff1810fac682d3abd1fdace33e455121efba52360f12a11fbe235df691d31223dcb9bd; expires=Sat, 09 May 2020 06:53:39 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Sat, 04 Mar 2023 17:33:39 GMT; path=/; SameSite=None; Secure
P3P: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
X-Request-Id: d771e2b078e453343bfe226624fa56b9

GET
H2 200 lxhzu34PElAT1zpLgLyqGz6p_Sk.js Show response
lhcontinuum.co/cdn-cgi/apps/head/ 4 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcontinuum.co/cdn-cgi/apps/head/lxhzu34PElAT1zpLgLyqGz6p_Sk.js
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e516a2b6d590146bac924eca54315e0d1474b3ecb576c04d21332883c4452a2c

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 901106
status: 200
x-amz-request-id: 16B96483076088C7
x-amz-id-2: jyrG/9JQXXto4NWxhIdW5ulYkMJH5mWlo3x6ooKgYhtJB3QYJLNQGqNxRUL/gXedyR65Z6RerG0=
last-modified: Sun, 29 Mar 2020 20:24:19 GMT
server: cloudflare
etag: W/"7a2bce14535ddab8bccc983a51a92217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: zNpLap7qKj69jBQ88VJbQN_N1PmpivP1
cf-ray: 58124ff1abe963b3-FRA

GET
H2 200 css
fonts.googleapis.com/ 9 KB
811 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d53fd47e38826b7cb24f54f81a47d81638f579b86d4c5c1fc1fe686a64a2115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Apr 2020 06:53:39 GMT
server: ESF
date: Thu, 09 Apr 2020 06:53:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Apr 2020 06:53:39 GMT

GET
H2 200 bootstrap.min.css
lhcontinuum.co/css/ 114 KB
18 KB 15ms
14ms Stylesheet
text/css 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcontinuum.co/css/bootstrap.min.css
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b52aeb00dc32e045a0bbc346b919512a5da206d6efb8c5a669dc4055a3b850c8

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3844
etag: W/"1c61e-5a2d52a0b1f4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58124ff1abe463b3-FRA

GET
H2 200 font-awesome.min.css
lhcontinuum.co/css/ 30 KB
7 KB 14ms
12ms Stylesheet
text/css 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcontinuum.co/css/font-awesome.min.css
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3844
etag: W/"7918-5a2d52a0b1f4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58124ff1abe763b3-FRA

GET
H2 200 pb-Styles.css
lhcontinuum.co/css/ 20 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcontinuum.co/css/pb-Styles.css?v=20
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ddbd58201fb267ae46eadf6b49680fcb65086f2b98208ac6342444c92b54b8

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3843
etag: W/"4fdc-5a2d52a0b1f4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58124ff1abeb63b3-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 03:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1048726
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Mar 2021 03:34:53 GMT

GET
H2 200 logo.png
lhcontinuum.co/img/ 10 KB
10 KB 14ms
13ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/logo.png
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498b75c83fbd403fa0b9e818cc1fb55a7da440a01436f403af35c605e3611ee8

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3843
etag: "28cf-5a2d52a0bee53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1abec63b3-FRA
content-length: 10447

GET
H2 200 img-1.png
lhcontinuum.co/img/ 2 KB
2 KB 18ms
17ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/img-1.png
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c47d0d36037dc0602e850e6b5209b8c9d4a3b58ccd4e83d7c4ee9f011137bf9

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3843
etag: "7fa-5a2d52a0bee53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1abed63b3-FRA
content-length: 2042

GET
H2 200 img-2.png
lhcontinuum.co/img/ 2 KB
2 KB 12ms
12ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/img-2.png
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe544df0675668c3078264867762acef749270cf99e128905ccc41f68e3648bc

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3843
etag: "64f-5a2d52a0bee53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1cc0363b3-FRA
content-length: 1615

GET
H2 200 img-3.png
lhcontinuum.co/img/ 3 KB
3 KB 13ms
13ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/img-3.png
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442cabe22722c12d90e16e27d6f3b35158bed24b9633641c415b72e0f62bafb2

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3843
etag: "c6f-5a2d52a0bee53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1cc0663b3-FRA
content-length: 3183

GET
H2 200 img-4.png
lhcontinuum.co/img/ 2 KB
2 KB 11ms
10ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/img-4.png
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b8dbb354cd72b0a02eea658d982fc992041a7c838e3cc9ec56b8f9a8e104ce

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3843
etag: "892-5a2d52a0bee53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1dc0f63b3-FRA
content-length: 2194

GET
H2 200 AaROdape5HLIFfaGvuRizTUXx2k.js Show response
lhcontinuum.co/cdn-cgi/apps/body/ 770 B
532 B 14ms
14ms Script
application/javascript 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcontinuum.co/cdn-cgi/apps/body/AaROdape5HLIFfaGvuRizTUXx2k.js
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cdn-cgi/apps/head/lxhzu34PElAT1zpLgLyqGz6p_Sk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05457c3ab486ac42045fd627f2c086f7537eeb32025e452759fb14b41f4cb5b7

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 901106
status: 200
x-amz-request-id: 80C2A4A4C494C749
x-amz-id-2: J0N2lb3K8W11X+TO/WfPqHdDKv/CATFmCIFtnfMoj+VN9miJ6xdwrHW/TDC+NT7Dsywh24YJrBM=
last-modified: Sun, 29 Mar 2020 20:24:19 GMT
server: cloudflare
etag: W/"f03abf196996644c68579668e5f19b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: MGwhDmt5bijbnwmQx4OnRpfBkhjkroTR
cf-ray: 58124ff1dc1363b3-FRA

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 86ms
43ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=473832&u=https%3A%2F%2Flhcontinuum.co%2Fcz%2Findex.php%3Faffiliate_id%3D43960%26offer_id%3D5%26transaction_id%3D1028df9915925c7caa21d9a490aa18%26lead_event%3D5%26optin_event%3D%26pxt%3D%7Bpxt%7D%26purl%3D%7Bpurl%7D&f=1&r=0.4903091296318445
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra2 /
Resource Hash: 08bd4ff902e97a71175c4817ea9b4d387b6ac67e140b252414cb1798e0aa7560

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: gzip
server: gfra2
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H/1.1

200
OK

gmi
data.ad-score.com/
Redirect Chain

https://data.ad-score.com/img?pid=1000583&tid=&l1=&l2=&l3=&l4=&l5=&l6=&l7=&cb=0.10164440646015271
https://data.ad-score.com/gmi

35 B
447 B

137ms
136ms

Image
image/gif

130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/gmi
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 09 Apr 2020 06:53:40 GMT
Etag: ELwBFdlMKgxW
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: no-cache, max-age=864000
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 35

Redirect headers

Location: https://data.ad-score.com/gmi
Date: Thu, 09 Apr 2020 06:53:39 GMT
Connection: keep-alive
Content-Length: 0

GET
H2 200 euj_cz_small.png
lhcontinuum.co/img/games/ 257 KB
257 KB 50ms
49ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/games/euj_cz_small.png?v=18
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1082aaa641714333d0d1ae182e95801a62b7140e1683db072b847f1fb10d8b17

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Apr 2020 06:51:14 GMT
server: cloudflare
etag: "4043e-5a2d60afc5fd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1ec1f63b3-FRA
content-length: 263230

GET
H2 200 cz_small_eu.png
lhcontinuum.co/img/play_btn/ 17 KB
17 KB 61ms
61ms Image
image/png 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/play_btn/cz_small_eu.png?v=13
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2170c7a5609b0f7f788ce0da90c20201fa3fe60a0fa50adf9ba1b746993b12

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Apr 2020 06:51:14 GMT
server: cloudflare
etag: "4574-5a2d60afd270b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff1ec2063b3-FRA
content-length: 17780

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24ab5427bc8200b32e36656be5d10a4698cd2f5b2f0f49336b8b2cbb50053ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 22:22:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:18 GMT
server: sffe
age: 2536272
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7944
x-xss-protection: 0
expires: Wed, 10 Mar 2021 22:22:27 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 15:56:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 1004228
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Sun, 28 Mar 2021 15:56:31 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 Apr 2020 10:28:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 159933
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Wed, 07 Apr 2021 10:28:06 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v9/ 5 KB
5 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDD4Z1JlFd2JQEl8qw.woff2

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

645e7155cf88842e2f014329389c6e4cc90f549ff044f095fc03da3a1d5a037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 18:42:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:09 GMT
server: sffe
age: 43844
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5320
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:42:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v9/ 5 KB
5 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1JlFd2JQEl8qw.woff2

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73e74ee946b2bb4a7cd67906e4e01a228ec3cc8a6c42cff1bfe614d5e704b398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 21:59:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 2537665
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5232
x-xss-protection: 0
expires: Wed, 10 Mar 2021 21:59:14 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecnFHGPezSQ.woff2
fonts.gstatic.com/s/poppins/v9/ 5 KB
5 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJnecnFHGPezSQ.woff2

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d28e623b7113f978c1e281288a96e903224e6d6b75090efa86b041bf3d66723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,800&display=swap
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 01:04:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:05 GMT
server: sffe
age: 20963
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5252
x-xss-protection: 0
expires: Fri, 09 Apr 2021 01:04:16 GMT

GET
H2 200 piwik.js Show response
is.traffic.gg/ 67 KB
68 KB 133ms
55ms Script
application/javascript 136.243.99.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://is.traffic.gg/piwik.js
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cdn-cgi/apps/body/AaROdape5HLIFfaGvuRizTUXx2k.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.99.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.99.243.136.clients.your-server.de
Software: nginx / PleskLin
Resource Hash: b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
etag: "5e798bad-10d63"
last-modified: Tue, 24 Mar 2020 04:25:17 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 68963

GET
H2 200 tag-f38e4e0d026c13d3f2233a689e92404c.js Show response
dev.visualwebsiteoptimizer.com/web/djEkdGU6Ni4wOmFzeW5jJWdxdWVyeQ==/ 133 KB
38 KB 90ms
48ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djEkdGU6Ni4wOmFzeW5jJWdxdWVyeQ==/tag-f38e4e0d026c13d3f2233a689e92404c.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=473832&u=https%3A%2F%2Flhcontinuum.co%2Fcz%2Findex.php%3Faffiliate_id%3D43960%26offer_id%3D5%26transaction_id%3D1028df9915925c7caa21d9a490aa18%26lead_event%3D5%26optin_event%3D%26pxt%3D%7Bpxt%7D%26purl%3D%7Bpurl%7D&f=1&r=0.4903091296318445
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: 740ba2d99dd1ede786695217c8d050368387123a21987acd7147106989133372

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
last-modified: Fri, 27 Mar 2020 11:30:19 GMT
server: gbel1
access-control-allow-origin: *
etag: "5e7de3cb-98f0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39152
via: 1.1 google

GET
H2 200 tag-c941a21945d9f010e77c6eda8eba1ba4.js Show response
dev.visualwebsiteoptimizer.com/web/djEkYTozLjA6bm9qcXVlcnksdHI6Ni4w/ 83 KB
22 KB 90ms
47ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djEkYTozLjA6bm9qcXVlcnksdHI6Ni4w/tag-c941a21945d9f010e77c6eda8eba1ba4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=473832&u=https%3A%2F%2Flhcontinuum.co%2Fcz%2Findex.php%3Faffiliate_id%3D43960%26offer_id%3D5%26transaction_id%3D1028df9915925c7caa21d9a490aa18%26lead_event%3D5%26optin_event%3D%26pxt%3D%7Bpxt%7D%26purl%3D%7Bpurl%7D&f=1&r=0.4903091296318445
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: 1e5ac5fd4766160f25b40a2b5b726a22c9170339a77732a50e7a5304e4fb8484

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
last-modified: Fri, 27 Mar 2020 11:30:19 GMT
server: gbel1
access-control-allow-origin: *
etag: "5e7de3cb-54af"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 21679
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
218 B 126ms
126ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=473832&d=lhcontinuum.co&u=DC69D3DB97552C73012BE1E3565FA053C&h=2e4720e0c4ba51f4f354896fde89115b&t=false&r=0.6627007490738659

Requested by

Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1-c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 09 Apr 2020 06:53:39 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1-c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 main-BG.jpg
lhcontinuum.co/img/ 176 KB
177 KB 13ms
13ms Image
image/jpeg 2606:4700:3031::681c:1d98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhcontinuum.co/img/main-BG.jpg
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1d98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a974c368b3bb30a55b687bcd671d8c190c52dc2d2ed3728c69f2a8e90dbc1d57

Request headers

Referer: https://lhcontinuum.co/css/pb-Styles.css?v=20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 05:48:20 GMT
server: cloudflare
age: 3842
etag: "2c1de-5a2d52a0bee53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58124ff27c6f63b3-FRA
content-length: 180702

GET
H2 400 piwik.php
is.traffic.gg/ 278 B
374 B 56ms
56ms Image
image/gif 136.243.99.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is.traffic.gg/piwik.php?action_name=Lottery%20Heroes&idsite=69&rec=1&r=964290&h=8&m=53&s=39&url=https%3A%2F%2Flhcontinuum.co%2Fcz%2Findex.php%3Faffiliate_id%3D43960%26offer_id%3D5%26transaction_id%3D1028df9915925c7caa21d9a490aa18%26lead_event%3D5%26optin_event%3D%26pxt%3D%7Bpxt%7D%26purl%3D%7Bpurl%7D&_id=3932ccc246730055&_idts=1586415220&_idvc=1&_idn=0&_refts=0&_viewts=1586415220&send_image=1&cookie=1&res=1600x1200&gt_ms=177&pv_id=hFeaZM
Requested by: Host: lhcontinuum.co
URL: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.99.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.99.243.136.clients.your-server.de
Software: nginx / PHP/7.4.4
Resource Hash: 0cb76f63f076e3ffeebb5f5c96a0406f1dabea46dd7eb7ee1789bb61163e11cc

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 400
date: Thu, 09 Apr 2020 06:53:39 GMT
cache-control: no-store
server: nginx
x-powered-by: PHP/7.4.4
content-type: image/gif

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 34 KB
4 KB 43ms
43ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=473832&settings_type=1&vn=6.0&r=0.1482402553087685
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djEkdGU6Ni4wOmFzeW5jJWdxdWVyeQ==/tag-f38e4e0d026c13d3f2233a689e92404c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e6b7df0677010610f403b2570d831a29be07f39eefc6f3903ed9a8da917b5a6d

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: gzip
server: gfra1
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H2 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 60ms
60ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djEkdGU6Ni4wOmFzeW5jJWdxdWVyeQ==/tag-f38e4e0d026c13d3f2233a689e92404c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://lhcontinuum.co/cz/index.php?affiliate_id=43960&offer_id=5&transaction_id=1028df9915925c7caa21d9a490aa18&lead_event=5&optin_event=&pxt={pxt}&purl={purl}
Origin: https://lhcontinuum.co
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 06:53:39 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:39:45 GMT
server: gbel1
status: 200
etag: "5e6f0311-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13599
via: 1.1 google

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lhcontinuum.co/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.lhcontinuum.co/	1970-01-19 08:40:17	Name: _vwo_sn Value: 0%3A1
lhcontinuum.co/	1970-01-19 18:06:10	Name: _pk_id.69.6ad4 Value: 3932ccc246730055.1586415220.1.1586415220.1586415220.
lhcontinuum.co/	1970-01-19 08:40:17	Name: _pk_ses.69.6ad4 Value: 1
.lhcontinuum.co/	1970-01-19 10:06:39	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241586415219%3A71.64428869%3A%3A%3A3_0%2C2_0%3A0
.lhcontinuum.co/	1970-01-23 00:16:15	Name: _vwo_uuid Value: DC69D3DB97552C73012BE1E3565FA053C
.lhcontinuum.co/	1970-01-19 11:04:15	Name: _vis_opt_s Value: 1%7C
.lhcontinuum.co/	1970-01-19 17:27:17	Name: _vwo_uuid_v2 Value: DC69D3DB97552C73012BE1E3565FA053C\|2e4720e0c4ba51f4f354896fde89115b
.lhcontinuum.co/	1970-01-19 09:23:27	Name: __cfduid Value: d521c9b523035d7eef7290fc3cddca9c01586415219

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
data.ad-score.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
gdmconvtrck.com
heroes.go2cloud.org
is.traffic.gg
lhcontinuum.co
www.abgaming.biz
www.cdgrag.site
130.211.115.4
136.243.99.224
18.202.12.61
2606:4700:3031::681c:1d98
2a00:1450:4001:80b::200a
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2003
2a05:d018:483:6120:a203:aa46:f480:7060
2a05:d018:88e:df10:fc38:7d04:db6c:e2ef
34.96.102.137
05457c3ab486ac42045fd627f2c086f7537eeb32025e452759fb14b41f4cb5b7
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
08bd4ff902e97a71175c4817ea9b4d387b6ac67e140b252414cb1798e0aa7560
0c47d0d36037dc0602e850e6b5209b8c9d4a3b58ccd4e83d7c4ee9f011137bf9
0cb76f63f076e3ffeebb5f5c96a0406f1dabea46dd7eb7ee1789bb61163e11cc
1082aaa641714333d0d1ae182e95801a62b7140e1683db072b847f1fb10d8b17
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1845628fb7353b0ed9b119d4f6c32dccabe95a155938c613bd18e263f1e2933c
1e5ac5fd4766160f25b40a2b5b726a22c9170339a77732a50e7a5304e4fb8484
410b8ce079b31e64079f6c963359e4c7555977f1d4057f89dc828cf187b7055c
42b8dbb354cd72b0a02eea658d982fc992041a7c838e3cc9ec56b8f9a8e104ce
442cabe22722c12d90e16e27d6f3b35158bed24b9633641c415b72e0f62bafb2
498b75c83fbd403fa0b9e818cc1fb55a7da440a01436f403af35c605e3611ee8
5ad25f59b446a373411e9890843c17f2ab5ef0e7c8527e724e91638151d41ede
5d28e623b7113f978c1e281288a96e903224e6d6b75090efa86b041bf3d66723
645e7155cf88842e2f014329389c6e4cc90f549ff044f095fc03da3a1d5a037f
69ddbd58201fb267ae46eadf6b49680fcb65086f2b98208ac6342444c92b54b8
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
73e74ee946b2bb4a7cd67906e4e01a228ec3cc8a6c42cff1bfe614d5e704b398
740ba2d99dd1ede786695217c8d050368387123a21987acd7147106989133372
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d53fd47e38826b7cb24f54f81a47d81638f579b86d4c5c1fc1fe686a64a2115
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836007f19b693ab74227e58e6bad02c71aacfd33e0370795a4c3e38c4445a949
9f2170c7a5609b0f7f788ce0da90c20201fa3fe60a0fa50adf9ba1b746993b12
9fe8afa33ea2ef33410be8e76421981d74217f906ab319cbfc65e52156f4eec0
a24ab5427bc8200b32e36656be5d10a4698cd2f5b2f0f49336b8b2cbb50053ea
a974c368b3bb30a55b687bcd671d8c190c52dc2d2ed3728c69f2a8e90dbc1d57
b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a
b52aeb00dc32e045a0bbc346b919512a5da206d6efb8c5a669dc4055a3b850c8
e516a2b6d590146bac924eca54315e0d1474b3ecb576c04d21332883c4452a2c
e6b7df0677010610f403b2570d831a29be07f39eefc6f3903ed9a8da917b5a6d
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fe544df0675668c3078264867762acef749270cf99e128905ccc41f68e3648bc

lhcontinuum.co Open in urlscan Pro 2606:4700:3031::681c:1d98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

86 %HTTPS

60 %IPv6

10 Domains

11 Subdomains

10 IPs

3 Countries

727 kBTransfer

1152 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lhcontinuum.co Open in urlscan Pro
2606:4700:3031::681c:1d98 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

86 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

727 kB
Transfer

1152 kB
Size

9
Cookies

36 HTTP transactions
0 data transactions