qxold.youhavewon.net Open in urlscan Pro
52.50.18.181 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sauwindgeca.tk/
Effective URL:
https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Submission: On April 29 via manual (April 29th 2019, 12:52:42 pm UTC) from US

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 59 HTTP transactions. The main IP is 52.50.18.181, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is qxold.youhavewon.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 20th 2019. Valid for: 3 months.

This is the only time qxold.youhavewon.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:30:... 2606:4700:30::6818:7229	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2606:4700:30:... 2606:4700:30::6818:7329	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.109.64.127 104.109.64.127	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a04:4e42:1d::84 2a04:4e42:1d::84	54113 (FASTLY) (FASTLY - Fastly)
1	2a02:26f0:f1:... 2a02:26f0:f1:29b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:30:... 2606:4700:30::681b:8571	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	108.179.229.212 108.179.229.212	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
1	52.216.84.117 52.216.84.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.27.189.236 104.27.189.236	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.50.18.181 52.50.18.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
25	2.20.189.188 2.20.189.188	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
59	16

5 2606:4700:30::6818:7229 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

sauwindgeca.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:30::6818:7329 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

sauwindgeca.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.64.127 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-64-127.deploy.static.akamaitechnologies.com

cache.dominos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1d::84 (European Union) 1 redirects

ASN54113 (FASTLY - Fastly, US)

s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:29b::1931 (European Union)

ASN20940 (AKAMAI-ASN1, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:8571 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

okashiplaza.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.179.229.212 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: box6059.bluehost.com

thecrazycouponchick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.84.117 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.189.236 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

bestzinka.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.18.181 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-18-181.eu-west-1.compute.amazonaws.com

qxold.youhavewon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2.20.189.188 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-189-188.deploy.static.akamaitechnologies.com

cdn-aimi.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	akamaized.net cdn-aimi.akamaized.net	104 KB
14	sauwindgeca.tk sauwindgeca.tk	70 KB
4	gstatic.com fonts.gstatic.com	50 KB
3	blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com	218 KB
2	pinimg.com 1 redirects s-media-cache-ak0.pinimg.com i.pinimg.com	22 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	youhavewon.net qxold.youhavewon.net	5 KB
1	bestzinka.site bestzinka.site	1023 B
1	amazonaws.com s3.amazonaws.com
1	thecrazycouponchick.com thecrazycouponchick.com	26 KB
1	okashiplaza.info okashiplaza.info	33 KB
1	dominos.com cache.dominos.com	41 KB
0	consumerqueen.com Failed consumerqueen.com Failed
0	shopify.com Failed cdn.shopify.com Failed
59	15

	Domain	Requested by
25	cdn-aimi.akamaized.net	qxold.youhavewon.net
14	sauwindgeca.tk	sauwindgeca.tk
4	fonts.gstatic.com	sauwindgeca.tk
2	3.bp.blogspot.com	sauwindgeca.tk
1	ajax.googleapis.com	qxold.youhavewon.net
1	maxcdn.bootstrapcdn.com	qxold.youhavewon.net
1	qxold.youhavewon.net	bestzinka.site
1	bestzinka.site	sauwindgeca.tk
1	1.bp.blogspot.com	sauwindgeca.tk
1	s3.amazonaws.com	sauwindgeca.tk
1	thecrazycouponchick.com	sauwindgeca.tk
1	okashiplaza.info	sauwindgeca.tk
1	i.pinimg.com	sauwindgeca.tk
1	s-media-cache-ak0.pinimg.com	1 redirects
1	cache.dominos.com	sauwindgeca.tk
1	fonts.googleapis.com	sauwindgeca.tk
0	consumerqueen.com Failed	sauwindgeca.tk
0	cdn.shopify.com Failed	sauwindgeca.tk
59	18

This site contains no links.

Subject Issuer	Validity	Valid
www.dominos.com Entrust Certification Authority - L1M	`2017-09-29` - `2019-12-28`	2 years	crt.sh
*.googleusercontent.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-01-10` - `2019-06-26`	6 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
*.youhavewon.net Let's Encrypt Authority X3	`2019-03-20` - `2019-06-18`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Frame ID: 0613490EAEBA03433BC78CDC7E787067
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sauwindgeca.tk/ Page URL
https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

59
Requests

54 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

16
IPs

4
Countries

609 kB
Transfer

1043 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sauwindgeca.tk/ Page URL
https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://s-media-cache-ak0.pinimg.com/736x/e5/17/90/e5179035dbcb7f05bc9bf956f8fbed3e--pregnancy-freebies-baby-freebies.jpg HTTP 301
https://i.pinimg.com/736x/e5/17/90/e5179035dbcb7f05bc9bf956f8fbed3e.jpg

Request Chain 16

http://consumerqueen.com/wp-content/uploads/2015/11/dollar_general_coupon.jpg HTTP 301
https://consumerqueen.com/wp-content/uploads/2015/11/dollar_general_coupon.jpg

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
sauwindgeca.tk/ 32 KB
9 KB 243ms
237ms Document
text/html 2606:4700:30::6818:7229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ab741f400e2a172243d8305e29b93ac97593480057d21f76e82a190ef09d02

Request headers

Host: sauwindgeca.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8c47b8a86a302f5024a4e98bbea7f8ce1556542344; expires=Tue, 28-Apr-20 12:52:24 GMT; path=/; domain=.sauwindgeca.tk; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4cf169b6dfc99700-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK css
fonts.googleapis.com/ 49 KB
2 KB 23ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.8

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

018f589f65229ad020ba114ff2d42b52b52582fa4b9209d1bde8fb3c2057cc09

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 12:52:25 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 29 Apr 2019 12:52:25 GMT

GET
H/1.1 200
OK style.css
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/ 27 KB
6 KB 32ms
29ms Stylesheet
text/css 2606:4700:30::6818:7229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/style.css?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c80613265e458a9fb82948520bf6a738e7c98bba9e6d3faee7c9d900e6e8bec

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:26:58 GMT
Server: cloudflare
ETag: "6b65-57d74ec519080-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b85a3e9700-FRA
Content-Length: 6216
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK editor-style.css
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/ 139 B
545 B 36ms
27ms Stylesheet
text/css 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/editor-style.css?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3db7d0589ac0ea178c38857837425f8c636023ce573b2ba0dd41c4de17d0cdd

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "8b-57d74ec701500-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b86cd5c27e-FRA
Content-Length: 123
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK nivo-slider.css
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/ 4 KB
2 KB 43ms
35ms Stylesheet
text/css 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/nivo-slider.css?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a433393c63cf616649414aa623717e73a241f39ede6ae7c473dacda56ab159c

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "e11-57d74ec701500-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b869a8c28d-FRA
Content-Length: 1200
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK responsive.css
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/ 6 KB
2 KB 44ms
35ms Stylesheet
text/css 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/responsive.css?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cec28f9d016102e31471ce9d31400c52d81899c62592e9455f94808dba5b909

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "1993-57d74ec701500-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b86cd8c27e-FRA
Content-Length: 1737
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK style_base.css
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/ 17 KB
4 KB 44ms
36ms Stylesheet
text/css 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/style_base.css?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0241baa7c969f8e71ffa2360895b81751700eb54a0d007fa3891506c94d15383

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "42f3-57d74ec701500-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b868f9c2c9-FRA
Content-Length: 3434
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK skt-gardening-lite-custom-style.css
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/ 1 B
391 B 33ms
25ms Stylesheet
text/css 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/css/skt-gardening-lite-custom-style.css?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "1-57d74ec701500"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b86ce1c2ba-FRA
Content-Length: 1
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK jquery.js Show response
sauwindgeca.tk/wp-includes/js/jquery/ 95 KB
33 KB 101ms
69ms Script
application/javascript 2606:4700:30::6818:7229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:40:12 GMT
Server: cloudflare
ETag: "17ba0-57d751ba50b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b8bad99700-FRA
Content-Length: 33766
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
sauwindgeca.tk/wp-includes/js/jquery/ 10 KB
4 KB 57ms
24ms Script
application/javascript 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:40:12 GMT
Server: cloudflare
ETag: "2748-57d751ba50b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b88d60c2ba-FRA
Content-Length: 4014
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK jquery.nivo.slider.js Show response
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/js/ 29 KB
5 KB 58ms
22ms Script
application/javascript 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/js/jquery.nivo.slider.js?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850b7d6838f446b700784d64c8a00c786f563ce55460635bc823ea9fdbae0c09

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "744f-57d74ec701500-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b88d9dc27e-FRA
Content-Length: 4888
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK custom.js Show response
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/js/ 2 KB
1 KB 71ms
26ms Script
application/javascript 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/js/custom.js?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7a8cbe7bc6dbd67edb7e729eb472b381938199aad19ea3dcd05a7afd419f7a6

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:27:00 GMT
Server: cloudflare
ETag: "860-57d74ec701500-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b89a84c28d-FRA
Content-Length: 780
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H2 200 startYourOrder.jpg
cache.dominos.com/olo/5_33_2/assets/build/market/US/_en/images/img/about-pizza/ 41 KB
41 KB 246ms
186ms Image
image/jpeg 104.109.64.127
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.dominos.com/olo/5_33_2/assets/build/market/US/_en/images/img/about-pizza/startYourOrder.jpg
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.64.127 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-127.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 135389b1a6736088c7675dda32b602df882f04d75122d9c968a049fd75f189d5

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 12:52:25 GMT
last-modified: Wed, 23 May 2018 17:38:12 GMT
server: Apache
access-control-allow-origin: *
etag: "2862998f8b5e7cb0d9cccfcac157e703:1527097092"
content-type: image/jpeg
status: 200
cache-control: max-age=600
content-length: 41974
expires: Mon, 29 Apr 2019 13:02:25 GMT

GET
H2 200 %2B27719576968+Missouri%29.jpg
3.bp.blogspot.com/-V2OmGSJB9SA/V9wHLIBxN6I/AAAAAAAAAn4/EZYi1DP8tIQYBEcjgHJ0Ne4VA-QOwvEhgCLcB/w1200-h630-p-k-no-nu/ 53 KB
53 KB 61ms
16ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-V2OmGSJB9SA/V9wHLIBxN6I/AAAAAAAAAn4/EZYi1DP8tIQYBEcjgHJ0Ne4VA-QOwvEhgCLcB/w1200-h630-p-k-no-nu/%2B27719576968+Missouri%29.jpg

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c246e689348a5f344fa419bcda480f5b8bfefc903053969602b0c766f599ed4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 12:52:25 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="+27719576968 Missouri).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 53817
x-xss-protection: 0
server: fife
etag: "v282"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 15 Apr 2019 16:52:49 GMT

GET 0350-2.jpg
cdn.shopify.com/s/files/1/0329/8469/products/ 0
0

GET
H2

200

e5179035dbcb7f05bc9bf956f8fbed3e.jpg
i.pinimg.com/736x/e5/17/90/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/e5/17/90/e5179035dbcb7f05bc9bf956f8fbed3e--pregnancy-freebies-baby-freebies.jpg
https://i.pinimg.com/736x/e5/17/90/e5179035dbcb7f05bc9bf956f8fbed3e.jpg

21 KB
21 KB

222ms
163ms

Image
image/jpeg

2a02:26f0:f1:29b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/e5/17/90/e5179035dbcb7f05bc9bf956f8fbed3e.jpg
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f1:29b::1931 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 1ff57dddf6b9b3309da838e2b6533113b95c2d32481cceaf06a51c2b0eedfd8c

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cdn: akamai
etag: "5e00d5150e4a84d64c9fb9b8d4164680"
vary: Origin
content-type: image/jpeg
status: 200
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 21780

Redirect headers

date: Mon, 29 Apr 2019 12:52:25 GMT
x-cdn: fastly
location: https://i.pinimg.com/736x/e5/17/90/e5179035dbcb7f05bc9bf956f8fbed3e.jpg
vary: Origin
status: 301
accept-ranges: bytes
content-length: 0
retry-after: 0

GET

dollar_general_coupon.jpg
consumerqueen.com/wp-content/uploads/2015/11/
Redirect Chain

http://consumerqueen.com/wp-content/uploads/2015/11/dollar_general_coupon.jpg
https://consumerqueen.com/wp-content/uploads/2015/11/dollar_general_coupon.jpg

0
0

GET
H/1.1 200
OK wk4711_email_coupon.jpg
3.bp.blogspot.com/-VDTBeZ2JejM/TvTOqvY_1pI/AAAAAAAAHOU/Z60fENIrE9A/s1600/ 88 KB
89 KB 474ms
462ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-VDTBeZ2JejM/TvTOqvY_1pI/AAAAAAAAHOU/Z60fENIrE9A/s1600/wk4711_email_coupon.jpg

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1ce5"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="wk4711_email_coupon.jpg"
Timing-Allow-Origin: *
Content-Length: 90581
X-XSS-Protection: 0
Expires: Tue, 30 Apr 2019 12:52:25 GMT

GET
H/1.1 200
OK gorilla-paper-coupon-gorilla-tape-home-decor-ideas-diy-home-decor-ideas-for-small-kitchen.jpg
okashiplaza.info/wp-content/uploads/2018/11/ 32 KB
33 KB 109ms
67ms Image
image/jpeg 2606:4700:30::681b:8571
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://okashiplaza.info/wp-content/uploads/2018/11/gorilla-paper-coupon-gorilla-tape-home-decor-ideas-diy-home-decor-ideas-for-small-kitchen.jpg
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:8571 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 742c8a6a33c2adb9e78b7d161e5f8ddecd84028cde564f63cbc497cde9e27cdf

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 18 Jul 2018 22:38:42 GMT
Server: cloudflare
ETag: "293da6f-81d1-5714db9869e86"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b96d63c26f-FRA
Content-Length: 33233
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK daisy1.jpg
thecrazycouponchick.com/wp-content/uploads/2016/09/ 26 KB
26 KB 451ms
264ms Image
image/jpeg 108.179.229.212
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecrazycouponchick.com/wp-content/uploads/2016/09/daisy1.jpg
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 108.179.229.212 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: box6059.bluehost.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Wed, 07 Sep 2016 16:31:41 GMT
Server: nginx/1.14.1
Content-Type: image/jpeg
X-Acc-Exp: 600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26367
X-Proxy-Cache: BYPASS thecrazycouponchick.com

GET
H/1.1 200
OK 56559827e84f.jpeg
s3.amazonaws.com/tanga-images/ 34 KB
0 491ms
159ms Image
image/jpeg 52.216.84.117
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/tanga-images/56559827e84f.jpeg
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.84.117 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:26 GMT
Last-Modified: Fri, 11 Nov 2016 04:23:33 GMT
Server: AmazonS3
x-amz-request-id: 65C1A194A9BED1F2
ETag: "76e53b45459e0a3c8c3c5603821064f2"
Content-Type
Content-Length: 506329
Accept-Ranges: bytes
x-amz-version-id: FKOcJrK2XjkkWXaR2dOSW8635RSdKDP1
x-amz-id-2: UUdHDtcUfco8hZOeaeJhbQbVfH+ApdJ/z/BuKnPFcMIWRFIpRlednf9pbhU7HOhJ0XuXomM4WOM=

GET
H/1.1 200
OK Coach+discount+coupon.jpg
1.bp.blogspot.com/-WTLOGgMJ4tU/VStccV2y5rI/AAAAAAAAyMs/kida1E71bRM/s1600/ 76 KB
76 KB 47ms
17ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-WTLOGgMJ4tU/VStccV2y5rI/AAAAAAAAyMs/kida1E71bRM/s1600/Coach+discount+coupon.jpg

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

2a5794a421fa661ed4c337652dfd05fcfcfbaa7cd80ae3598e5915fe60c3ceee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vc8cc"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Coach discount coupon.jpg"
Timing-Allow-Origin: *
Content-Length: 77513
X-XSS-Protection: 0
Expires: Tue, 30 Apr 2019 12:52:25 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
sauwindgeca.tk/wp-includes/js/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:30::6818:7329
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-includes/js/wp-embed.min.js?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7329 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:40:12 GMT
Server: cloudflare
ETag: "576-57d751ba50b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b8ce57c27e-FRA
Content-Length: 751
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 404
Not Found wp-emoji-release.min.js
sauwindgeca.tk/wp-includes/js/ 0
0 36ms
33ms Script
text/html 2606:4700:30::6818:7229
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://sauwindgeca.tk/wp-includes/js/wp-emoji-release.min.js?ver=4.8
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4cf169b92bca9700-FRA
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK G9KK8G
bestzinka.site/ 244 B
1023 B 340ms
214ms Script
application/javascript 104.27.189.236
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://bestzinka.site/G9KK8G?frm=script&se_referrer=&default_keyword=At%26t%20coupon%20code%20uverse%20internet%20only
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 104.27.189.236 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://sauwindgeca.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 12:52:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: keep-alive
CF-RAY: 4cf169ba3e1dc869-AMS
Content-Length: 177
Expires: Thu, 21 Jul 1977 07:30:00 GMT

GET
H/1.1 200
OK mobile_nav_right.png
sauwindgeca.tk/wp-content/themes/skt-gardening-lite/images/ 118 B
512 B 58ms
55ms Image
image/png 2606:4700:30::6818:7229
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/images/mobile_nav_right.png
Requested by: Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7229 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 205de1b4ed634feb1c8329bd1754baac574ec2cb2bab3475b8a2184c5d53bdd2

Request headers

Referer: http://sauwindgeca.tk/wp-content/themes/skt-gardening-lite/style.css?ver=4.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:26:58 GMT
Server: cloudflare
ETag: "76-57d74ec519080"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4cf169b96c269700-FRA
Content-Length: 118
Expires: Mon, 29 Apr 2019 16:52:25 GMT

GET
H/1.1 200
OK ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v17/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v17/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.8
Origin: http://sauwindgeca.tk

Response headers

Date: Mon, 25 Mar 2019 20:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:13:29 GMT
Server: sffe
Age: 2996266
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 10996
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 20:34:39 GMT

GET
H/1.1 200
OK JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.8
Origin: http://sauwindgeca.tk

Response headers

Date: Mon, 25 Mar 2019 20:29:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:05:58 GMT
Server: sffe
Age: 2996571
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13708
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 20:29:34 GMT

GET
H/1.1 200
OK ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v17/ 11 KB
11 KB 16ms
9ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v17/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.8
Origin: http://sauwindgeca.tk

Response headers

Date: Mon, 25 Mar 2019 20:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:13:46 GMT
Server: sffe
Age: 2996266
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 10968
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 20:34:39 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/ 14 KB
14 KB 16ms
8ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: sauwindgeca.tk
URL: http://sauwindgeca.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C400%2C600%2C700%2C800%2C900%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&ver=4.8
Origin: http://sauwindgeca.tk

Response headers

Date: Mon, 25 Mar 2019 20:27:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:13:00 GMT
Server: sffe
Age: 2996692
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14044
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 20:27:33 GMT

GET
H2 200 Primary Request 1f0a2cb367c37dee Show response
qxold.youhavewon.net/c/ 28 KB
5 KB 269ms
70ms Document
text/html 52.50.18.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Requested by: Host: bestzinka.site
URL: http://bestzinka.site/G9KK8G?frm=script&se_referrer=&default_keyword=At%26t%20coupon%20code%20uverse%20internet%20only
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.18.181 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-50-18-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f756ec03ad4af915fd38d940bbb8cc167a95f776cbc289058c4e50097836f8b

Request headers

:method: GET
:authority: qxold.youhavewon.net
:scheme: https
:path: /c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://sauwindgeca.tk/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://sauwindgeca.tk/

Response headers

status: 200
server: nginx
date: Mon, 29 Apr 2019 12:52:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: unique_1967510=unique_1967510; expires=Tue, 30-Apr-2019 12:52:25 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5cc6f389b9b4a005395624; expires=Tue, 30-Apr-2019 12:52:25 GMT; Max-Age=86400; path=/; HttpOnly unique_1967510=unique_1967510; expires=Tue, 30-Apr-2019 12:52:25 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5cc6f389b9b4a005395624; expires=Tue, 30-Apr-2019 12:52:25 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=330097_23350_137932; expires=Wed, 29-May-2019 12:52:25 GMT; Max-Age=2592000; path=/; HttpOnly unique_1967510=unique_1967510; expires=Tue, 30-Apr-2019 12:52:25 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5cc6f389b9b4a005395624; expires=Tue, 30-Apr-2019 12:52:25 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=330097_23350_137932; expires=Wed, 29-May-2019 12:52:25 GMT; Max-Age=2592000; path=/; HttpOnly
content-encoding: gzip

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 35ms
9ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Apr 2019 12:52:25 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK bootstrap.css
cdn-aimi.akamaized.net/landings/121860/1521187853/css/ 98 KB
17 KB 63ms
15ms Stylesheet
text/css 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/css/bootstrap.css?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:57 GMT
Server: AmazonS3
x-amz-request-id: FE2E61A2C02F2749
ETag: "8a7442ca6bedd62cec4881040b9a9e83"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17160
x-amz-id-2: VLljVio2OYLhmO4cFbu0XOzxm9BryXrYvqwzzfOmihhBgUjveFGeYqIUaYEckV5EDt38vd4EU14=

GET
H/1.1 200
OK main.css
cdn-aimi.akamaized.net/landings/121860/1521187853/css/ 10 KB
3 KB 60ms
12ms Stylesheet
text/css 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/css/main.css?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f4c81f5aa249ba0d0bd83c3e403590e743bdc25bc37f0834b6ae752edc2165d7

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:57 GMT
Server: AmazonS3
x-amz-request-id: 1E79EDA8A52482C1
ETag: "294aa0782be03554e28d30d877bd2d4a"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2492
x-amz-id-2: BtM4YazhbF/OOzPd7b1Nd2hcsn2EW8DE3Jp7NhwWcD0CBWbvRqIiD5ERMeE7ILNl3jQL6D95gmc=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js?1521187853

Requested by

Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4440788
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30028
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:19:17 GMT

GET
H/1.1 200
OK bootstrap.js Show response
cdn-aimi.akamaized.net/landings/121860/1521187853/js/ 28 KB
8 KB 62ms
14ms Script
text/javascript 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/js/bootstrap.js?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:58 GMT
Server: AmazonS3
x-amz-request-id: C9349D12F1D02661
ETag: "ba847811448ef90d98d272aeccef2a95"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7679
x-amz-id-2: WHYLBannFDORVEya/7VdY5FBMXCQ3JQUnklu5mL2SZyooISZR9d36CH68izU3V1C0XyouKrcbUM=

GET
H/1.1 200
OK main.js Show response
cdn-aimi.akamaized.net/landings/121860/1521187853/js/ 1 KB
771 B 61ms
13ms Script
text/javascript 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/js/main.js?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b8415abaabb26fe68590eb086a43ff6abb3ef683fb24e0a2e6fb86b3ec93fc91

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:58 GMT
Server: AmazonS3
x-amz-request-id: 3869D5EFC6DFC444
ETag: "8b1ebe52b7e264f632fbd1c5fcd93de4"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338
x-amz-id-2: b8ZEXkOdMtrnrq6d6IkzFo4M/sTSuq6VETnINQdYd6ut+x9m3XKdB8NfwtLkn1VgTVRLhdxPXxA=

GET
H/1.1 200
OK returnDate.js Show response
cdn-aimi.akamaized.net/landings/121860/1521187853/js/ 1 KB
900 B 62ms
14ms Script
text/javascript 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/js/returnDate.js?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f7a34f1c806bb9c1091558719ca37ae42b7489b3742c67dd850f177b1d635a45

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:58 GMT
Server: AmazonS3
x-amz-request-id: 1C0B87A395C8944C
ETag: "50c340711d920fd7555736d4f63b227a"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 467
x-amz-id-2: aoxPbD8iyU1efsh37Ym7pTZLxlsn5YluY+pIv26ly1FLvrqg+fWm4nIlyjOoTl8IYlOF+MarcAw=

GET
H/1.1 200
OK detect-browser.js Show response
cdn-aimi.akamaized.net/landings/121860/1521187853/js/ 3 KB
1023 B 61ms
13ms Script
text/javascript 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/js/detect-browser.js?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2446cf6020ae3e1d053112e171b48de3fe4668014d79667bf33eb119c2685925

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:58 GMT
Server: AmazonS3
x-amz-request-id: C1D1CD973A09BB99
ETag: "1017e19c48e3562a343e611cb5c9f41f"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 590
x-amz-id-2: KILK3oGcDZz2vdZYmsAeotAn8A9GuSzx4kXp/auN8/33Z9TJaSMSN5eKKkmXJi7xiX4Lp2/JDD0=

GET
H/1.1 200
OK functions.js Show response
cdn-aimi.akamaized.net/landings/121860/1521187853/js/ 2 KB
1 KB 75ms
11ms Script
text/javascript 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/js/functions.js?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5a39904c92771c94fecbb6f744fd6784c10a3298d5551bf2d5f3fcdb45e42e57

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:58 GMT
Server: AmazonS3
x-amz-request-id: 38106A67F1F2D89A
ETag: "c55f55c6d4433a013d877198c43911be"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 738
x-amz-id-2: KKKilIyu4OjSMqQG2ASsCgBGFRNYs11sDF+hWue1N27gbXSnA+TJQI03tlzbRmn2I3uZ0DH2l0A=

GET
H/1.1 200
OK pulse-favicon.js Show response
cdn-aimi.akamaized.net/landings/121860/1521187853/js/ 2 KB
1 KB 75ms
11ms Script
text/javascript 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/js/pulse-favicon.js?1521187853
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 947b6a10d7033a6fbb3e782b02dc690b8464ac06333319db61653417d271d91b

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Mar 2018 08:10:58 GMT
Server: AmazonS3
x-amz-request-id: 658596AE2A7AE85F
ETag: "71a10af9dbe7ca4b74e06cc79aa58ed9"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 632
x-amz-id-2: FZFq3SlGEwzxYX9D/JNtZU2QLJyGq7ZhvKiv4R19hS0DNhjXeT2d+49Ten3LRjh9I3HfK2CZKqg=

GET
H/1.1 200
OK chrome.png
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 5 KB
5 KB 12ms
10ms Image
image/png 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/chrome.png
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3a2cac8f63e524f8a4fa598d8ed8051fe9b744b840f7130b082255770fc39670

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:56 GMT
Server: AmazonS3
x-amz-request-id: BA9DC2E872BEC52D
ETag: "050e6e6c436e4df8066314f7751541d9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5085
x-amz-id-2: ttoEGKPO0fL76qZ1mbEqDHU11ZmdjrfFLnbckykZP4p0b5Lutt52+PaesU89P59ybDxSuGwfdF0=

GET
H/1.1 200
OK opera.png
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 5 KB
5 KB 12ms
10ms Image
image/png 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/opera.png
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cd9bebc6c494b71db031c6ceed2e7c1503a8e9258e00ae5b7c25a1e298cdf241

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:56 GMT
Server: AmazonS3
x-amz-request-id: AA2316B64068D225
ETag: "b9a5931659f68cfb191cc329ede0cf30"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5170
x-amz-id-2: yoIBsPI2cqJcokrb61TESjx044jYnO5qduJj2Bszro/l+PLywybOPkKcbneCvhIPhs2iz7B3ZR4=

GET
H/1.1 200
OK ff.png
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 5 KB
5 KB 22ms
20ms Image
image/png 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/ff.png
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: de2e8e075786e304dc52ef21f40a552db8c24d248e583843af38958138f69d0d

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:57 GMT
Server: AmazonS3
x-amz-request-id: F21553DE44CC966B
ETag: "4af1279fe06564791efe9eadbc66b9db"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4725
x-amz-id-2: MxcCbZWZbNFeRAZAI7f3Q7qiB5zQOev6w4mLGb0Bp+mWSsAvIt0Bkr9oU9in7nFZMh7v/hNx9S0=

GET
H/1.1 200
OK ie.png
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 3 KB
4 KB 22ms
20ms Image
image/png 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/ie.png
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ef2cd2629b4b9057ed254d71dee8658a1ab1f2f0cf54f08f0d6ed2bf9480760a

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:56 GMT
Server: AmazonS3
x-amz-request-id: 7CCCD7DD103BB137
ETag: "4a7987a061313284325ee1fda9600813"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3527
x-amz-id-2: Ft56DW577Hlz1Kpt1jENdj359PrmrE0gIOs89pdrPsDKuxCGpLZ4MHUOEehnb4n0Hjwln8gG0P4=

GET
H/1.1 200
OK safari.png
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 13 KB
13 KB 8ms
7ms Image
image/png 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/safari.png
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bcbc9c2be11bb7450b1b0c890255e252810a5f67e01d268851c7a09882ef78f2

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:56 GMT
Server: AmazonS3
x-amz-request-id: CC19D7E857AEC949
ETag: "64a662e12526bf96f4ac29eb7bb50328"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13135
x-amz-id-2: njvMcUn/WYFhd4ZjjV6mojAI2YZuR+e+pHMLwb8+tJdTOizcLK+bhpJjlSdJBPqXuhmD8sOcz0Q=

GET /
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 0
0

GET
H/1.1 200
OK iphoneXb.png
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 15 KB
16 KB 9ms
8ms Image
image/png 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/iphoneXb.png
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 30244bafbb1a8d83a39c6ce75984df9d186863dcfc0e4a8f7ef36c39a96c9061

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 077E2C980DD5D6A0
ETag: "2d25c73ce49fe21f196ed5fa84c18467"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15785
x-amz-id-2: GrKUXwBU17cpM3Ni6VevjAO0QmTYn+EPPrs9V3jttylDxlCefM2wxFMLQKMeIXEYwZxvwNSfF5w=

GET
H/1.1 200
OK img1.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 1 KB
2 KB 12ms
7ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img1.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 1D66FA894313077A
ETag: "c3c59916d3b4977017c89125dc42b664"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1315
x-amz-id-2: jUE8NCZyDGdOeGaIvFrYPmPHLrutu1vCN+MmAMZeSnk35PaDifOndEnjN2wZT0JwyDAgF3Qmj+Q=

GET
H/1.1 200
OK img2.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 1 KB
2 KB 13ms
8ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img2.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 087C12E8982A1F26
ETag: "92b944714cea3e478a8e50dea1a80b26"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1297
x-amz-id-2: 4LHRH8uSMh6v2smPJVHoFYi7SbiiBXAeo9yRkCPog++Tlu+x6JLe5SJJEIct+4/RRYyj+5pxpKA=

GET
H/1.1 200
OK img3.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 2 KB
3 KB 10ms
8ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img3.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 66BCA040DD3F2163
ETag: "5edf4db493423ac10c72a27ad5c4a618"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2336
x-amz-id-2: 7CU/e4IZZnqfxkZpF6sgwlI/zqqLDJVjOfFPU6obbYrq7Uk0P9oEZ9d6NYj6kJUjXPGZg5mRXUQ=

GET
H/1.1 200
OK img4.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 1 KB
2 KB 9ms
8ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img4.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: AEFBBCDF22330D94
ETag: "a848711320a9df61e6457f65b0dfa9fb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1169
x-amz-id-2: +mf5apNft/puynEPk8npof6FYG4oLjUZ4UjhQ+kmX/o9B3m0bytJMbeD4UBRFf9c7KN7x5WETho=

GET
H/1.1 200
OK img5.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 2 KB
2 KB 8ms
8ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img5.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 46E68B105CE064C6
ETag: "6d02d5cf49120718501b9a6629290c48"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2037
x-amz-id-2: +UCLyCOQXvDrEToDh2I/deyvE3TU/cc7ss3Scec3gP/fKqn9T3pFTQc5UvIn3j6ljAaVRxTDNdE=

GET
H/1.1 200
OK img6.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 2 KB
2 KB 11ms
9ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img6.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 9B01361820D7315E
ETag: "f48aa7778890400e3be6131e64cd4236"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2143
x-amz-id-2: paQdG33h0dkJ+jyGgUagWRkJjB1AV417zNGjva7l//e4rEnrJPGp3w5cxXZOj8eUdc+XSJZWvKY=

GET
H/1.1 200
OK img7.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 2 KB
3 KB 9ms
8ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img7.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 65D6D9ED8D7146DD
ETag: "7364bf39dcf0941d3a1760e46a562710"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2264
x-amz-id-2: fv/MCypzCWFk/D++mZPkeywoKysobZuJtek2+WGMdqLvrvnRtUjjwKFAHXI0WZ/cm6WlAPkabAU=

GET
H/1.1 200
OK img8.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 2 KB
2 KB 8ms
7ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img8.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 2237D84391C4FBD1
ETag: "5da3831556c780010e0e5c5b967e43ce"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1608
x-amz-id-2: /lSegrcD/kB1vx0Aqlnu4Tmg0W56ZWcUIp9cVkvotSanY/nN2WJXSTWAisIcdRVNo38Ef/fOV/Y=

GET
H/1.1 200
OK img9.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 1 KB
2 KB 12ms
11ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img9.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6592c5497d79980109ee577663beac8d709726a63329f893775f89083cc8858e

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: F784E2731B818A26
ETag: "a2dbd5c25807fbad37aceb676e90cd66"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1374
x-amz-id-2: XrUUCBJa3TVLFHeE4X1ReVrrpdehpiUPhP173rqdE8jxTnFoCnGk3REkstBZAWKfB79/5R+m1vk=

GET
H/1.1 200
OK img10.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 1 KB
2 KB 12ms
11ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img10.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 7581197370A12B28
ETag: "0d0f29abfcedc7dfffe3811a5100a6cd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1506
x-amz-id-2: FglPbRGhmHylIe5E5MHJWS5uEzwbn5h5n3AX0yZzWTszhwiforSkwi1wXdMBMdPGI+ZGhE3DsG8=

GET
H/1.1 200
OK img11.jpg
cdn-aimi.akamaized.net/landings/121860/1521187853/images/ 2 KB
2 KB 8ms
7ms Image
image/jpeg 2.20.189.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/img11.jpg
Requested by: Host: qxold.youhavewon.net
URL: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.189.188 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-189-188.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d8d2b0e0baad97e943838712911352a8c9dd0d5bf2114e78c3d1649bcc0d634a

Request headers

Referer: https://qxold.youhavewon.net/c/1f0a2cb367c37dee?s1=23350&s2=137932&click_id=3cpikkne50doi6un&j1=1&j3=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 29 Apr 2019 12:52:25 GMT
Last-Modified: Fri, 16 Mar 2018 08:10:55 GMT
Server: AmazonS3
x-amz-request-id: 49CC18A3F32124B8
ETag: "14ca7a7e1bb1db7a31af7c44a0ae9062"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1610
x-amz-id-2: 6IrwZqKMx/vGYsFBjOFYTtSEeIWABfy0QVDEmAP/APnfsY8jyGxXUch+UvtPXVB6qYmDom+BaEQ=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0329/8469/products/0350-2.jpg?v=1447444229

Domain: consumerqueen.com
URL: https://consumerqueen.com/wp-content/uploads/2015/11/dollar_general_coupon.jpg

Domain: cdn-aimi.akamaized.net
URL: https://cdn-aimi.akamaized.net/landings/121860/1521187853/images/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qxold.youhavewon.net/	1970-01-19 01:05:34	Name: scriptHash Value: 330097_23350_137932
qxold.youhavewon.net/	1970-01-19 00:23:48	Name: unique_id Value: 5cc6f389b9b4a005395624
qxold.youhavewon.net/	1970-01-19 00:23:48	Name: unique_1967510 Value: unique_1967510

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://sauwindgeca.tk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
ajax.googleapis.com
bestzinka.site
cache.dominos.com
cdn-aimi.akamaized.net
cdn.shopify.com
consumerqueen.com
fonts.googleapis.com
fonts.gstatic.com
i.pinimg.com
maxcdn.bootstrapcdn.com
okashiplaza.info
qxold.youhavewon.net
s-media-cache-ak0.pinimg.com
s3.amazonaws.com
sauwindgeca.tk
thecrazycouponchick.com
cdn-aimi.akamaized.net
cdn.shopify.com
consumerqueen.com
104.109.64.127
104.27.189.236
108.179.229.212
2.20.189.188
209.197.3.15
2606:4700:30::6818:7229
2606:4700:30::6818:7329
2606:4700:30::681b:8571
2a00:1450:4001:808::200a
2a00:1450:4001:815::200a
2a00:1450:4001:818::2003
2a00:1450:4001:81b::2001
2a02:26f0:f1:29b::1931
2a04:4e42:1d::84
52.216.84.117
52.50.18.181
018f589f65229ad020ba114ff2d42b52b52582fa4b9209d1bde8fb3c2057cc09
0241baa7c969f8e71ffa2360895b81751700eb54a0d007fa3891506c94d15383
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
135389b1a6736088c7675dda32b602df882f04d75122d9c968a049fd75f189d5
1ff57dddf6b9b3309da838e2b6533113b95c2d32481cceaf06a51c2b0eedfd8c
205de1b4ed634feb1c8329bd1754baac574ec2cb2bab3475b8a2184c5d53bdd2
2446cf6020ae3e1d053112e171b48de3fe4668014d79667bf33eb119c2685925
2a5794a421fa661ed4c337652dfd05fcfcfbaa7cd80ae3598e5915fe60c3ceee
30244bafbb1a8d83a39c6ce75984df9d186863dcfc0e4a8f7ef36c39a96c9061
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
3a2cac8f63e524f8a4fa598d8ed8051fe9b744b840f7130b082255770fc39670
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4a433393c63cf616649414aa623717e73a241f39ede6ae7c473dacda56ab159c
5a39904c92771c94fecbb6f744fd6784c10a3298d5551bf2d5f3fcdb45e42e57
5f756ec03ad4af915fd38d940bbb8cc167a95f776cbc289058c4e50097836f8b
6592c5497d79980109ee577663beac8d709726a63329f893775f89083cc8858e
742c8a6a33c2adb9e78b7d161e5f8ddecd84028cde564f63cbc497cde9e27cdf
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
850b7d6838f446b700784d64c8a00c786f563ce55460635bc823ea9fdbae0c09
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8cec28f9d016102e31471ce9d31400c52d81899c62592e9455f94808dba5b909
947b6a10d7033a6fbb3e782b02dc690b8464ac06333319db61653417d271d91b
98ab741f400e2a172243d8305e29b93ac97593480057d21f76e82a190ef09d02
9c80613265e458a9fb82948520bf6a738e7c98bba9e6d3faee7c9d900e6e8bec
a7a8cbe7bc6dbd67edb7e729eb472b381938199aad19ea3dcd05a7afd419f7a6
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
b8415abaabb26fe68590eb086a43ff6abb3ef683fb24e0a2e6fb86b3ec93fc91
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
bcbc9c2be11bb7450b1b0c890255e252810a5f67e01d268851c7a09882ef78f2
c246e689348a5f344fa419bcda480f5b8bfefc903053969602b0c766f599ed4c
cd9bebc6c494b71db031c6ceed2e7c1503a8e9258e00ae5b7c25a1e298cdf241
d3db7d0589ac0ea178c38857837425f8c636023ce573b2ba0dd41c4de17d0cdd
d8d2b0e0baad97e943838712911352a8c9dd0d5bf2114e78c3d1649bcc0d634a
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
de2e8e075786e304dc52ef21f40a552db8c24d248e583843af38958138f69d0d
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ef2cd2629b4b9057ed254d71dee8658a1ab1f2f0cf54f08f0d6ed2bf9480760a
f4c81f5aa249ba0d0bd83c3e403590e743bdc25bc37f0834b6ae752edc2165d7
f7a34f1c806bb9c1091558719ca37ae42b7489b3742c67dd850f177b1d635a45
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

qxold.youhavewon.net Open in urlscan Pro 52.50.18.181 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

54 %HTTPS

56 %IPv6

15 Domains

18 Subdomains

16 IPs

4 Countries

609 kBTransfer

1043 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qxold.youhavewon.net Open in urlscan Pro
52.50.18.181 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

54 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

16
IPs

4
Countries

609 kB
Transfer

1043 kB
Size

3
Cookies

59 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!