Submitted URL: https://goo.gl/Hcz9r4?p=1
Effective URL: https://grutenmay.gq/?promo
Submission: January 20, 2018, manual submission from BR

Summary

This website contacted 7 IPs in 1 country across 7 domains to perform 26 HTTP transactions. The main IP is 104.31.77.249 (San Francisco, United States), which belongs to CLOUDFLARENET - Cloudflare, Inc., US; the main domain is grutenmay.gq. The page was reached through a goo.gl short link that answered with a 301 to https://grutenmay.gq/?promo. Behind Cloudflare the origin announces itself as PHP/5.4.45-0+deb7u11 in an X-Powered-By header, and the page hotlinks the logo image of www.assai.com.br.
TLS certificate: Cloudflare's shared SNI certificate (subject sni80541.cloudflaressl.com), issued by COMODO ECC Domain Validation Secure Server CA 2 on January 19th 2018, the day before this scan. Valid for 6 months.
This is the only time grutenmay.gq was scanned on urlscan.io.

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address                  | AS (Autonomous System)
1        | (IP and AS not captured)    |
3        | 172.217.21.238              | 15169 (GOOGLE)
18       | 104.31.77.249               | 13335 (CLOUDFLARENET)
1        | 172.217.21.234              | 15169 (GOOGLE)
2        | 104.16.207.165              | 13335 (CLOUDFLARENET)
1        | 172.217.21.232              | 15169 (GOOGLE)
2        | 52.222.171.192              | 16509 (AMAZON-02)
Total: 26 requests across 7 IPs
Requests | Domain                    | Requested by
18       | grutenmay.gq              | grutenmay.gq
2        | www.google-analytics.com  | www.googletagmanager.com, grutenmay.gq
2        | www.assai.com.br          | grutenmay.gq
1        | onesignal.com             | cdn.onesignal.com
1        | www.googletagmanager.com  | grutenmay.gq
1        | cdn.onesignal.com         | grutenmay.gq
1        | fonts.googleapis.com      | grutenmay.gq
1        | goo.gl                    | 1 redirect
Total: 26 requests across 8 domains

This site contains no links.

Subject                    | Issuer                                          | Validity                | Valid for
sni80541.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-01-19 - 2018-07-28 | 6 months (crt.sh)

This page contains 1 frame:

Primary Page: https://grutenmay.gq/?promo
Frame ID: (1B11DCE5DE7D71B8EB517D9D1162BFBA)
Requests: 27 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://goo.gl/Hcz9r4?p=1 HTTP 301
     https://grutenmay.gq/?promo Page URL
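The chain above is short, but the checks a reviewer runs on it are the same for longer ones. The following Python is an added example, not part of the urlscan.io page: it walks the recorded hops, verifying that each Location matches the next recorded URL, flags an entry through a URL shortener, a hostname change, and a final host on a watchlisted TLD, and computes how old the certificate from the table above was at scan time. The hop URLs, statuses and certificate dates are taken from this page; the shortener list and the TLD watchlist are this example's own assumptions.

```python
"""Triage of a urlscan.io-style redirect chain and certificate data.

Added example, not part of the urlscan.io page. The hop data and dates
are copied from the scan above; the shortener list and the TLD
watchlist are this example's own assumptions.
"""
from datetime import date
from urllib.parse import urlsplit

# Hops as shown in "Page URL History": (url, status, Location or None)
HOPS = [
    ("https://goo.gl/Hcz9r4?p=1", 301, "https://grutenmay.gq/?promo"),
    ("https://grutenmay.gq/?promo", 200, None),
]

# Assumption: hosts this reviewer treats as URL shorteners.
SHORTENER_HOSTS = {"goo.gl", "bit.ly", "t.co", "tinyurl.com"}
# Assumption: TLDs the reviewer keeps on a watchlist because they were
# handed out free of charge for years (Freenom's .tk/.ml/.ga/.cf/.gq).
WATCHLIST_TLDS = {"tk", "ml", "ga", "cf", "gq"}


def walk_chain(hops):
    """Follow the chain as recorded, checking each Location matches the next hop.

    Returns (final_url, hosts_visited). Raises ValueError on an inconsistent chain.
    """
    hosts = []
    for i, (url, status, location) in enumerate(hops):
        hosts.append(urlsplit(url).hostname)
        if 300 <= status < 400:
            if location is None:
                raise ValueError(f"hop {i} is a {status} without Location")
            if i + 1 >= len(hops) or hops[i + 1][0] != location:
                raise ValueError(f"hop {i} redirects to {location}, chain disagrees")
        elif i + 1 != len(hops):
            raise ValueError(f"hop {i} returned {status} but chain continues")
    return hops[-1][0], hosts


def chain_findings(hops):
    """Plain-text findings about the chain, in a fixed order."""
    final_url, hosts = walk_chain(hops)
    findings = []
    if hosts[0] in SHORTENER_HOSTS:
        findings.append(f"entry via URL shortener {hosts[0]}")
    if len(set(hosts)) > 1:
        findings.append("redirect crosses hostnames: " + " -> ".join(hosts))
    tld = hosts[-1].rsplit(".", 1)[-1]
    if tld in WATCHLIST_TLDS:
        findings.append(f"final host uses watchlisted TLD .{tld}")
    return final_url, findings


def cert_age_days(not_before, not_after, scan_day):
    """(age of the certificate at scan time, total lifetime), both in days."""
    if not (not_before <= scan_day <= not_after):
        raise ValueError("scan date outside certificate validity")
    return (scan_day - not_before).days, (not_after - not_before).days


# Values from the certificate table on this page.
CERT_NOT_BEFORE = date(2018, 1, 19)
CERT_NOT_AFTER = date(2018, 7, 28)
SCAN_DAY = date(2018, 1, 20)

if __name__ == "__main__":
    url, notes = chain_findings(HOPS)
    print("final URL:", url)
    for note in notes:
        print(" -", note)
    age, lifetime = cert_age_days(CERT_NOT_BEFORE, CERT_NOT_AFTER, SCAN_DAY)
    print(f"certificate age at scan: {age} day(s) of a {lifetime}-day lifetime")
```

For this scan the chain yields three findings and a certificate that was one day old out of a 190-day lifetime. A certificate issued the day before the first sighting of a domain is not evidence of anything by itself, since Cloudflare issues its shared SNI certificates automatically, but it is the kind of timing a reviewer records alongside the other indicators.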

Detected technologies (name as implied by each matched pattern)

  • Cloudflare (overall confidence: 100%)
    headers server /cloudflare/i
  • Google Analytics (overall confidence: 100%)
    script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
    env /^gaGlobal$/i
  • Google Fonts (overall confidence: 100%)
    html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • Google Tag Manager (overall confidence: 100%)
    env /^google_tag_manager$/i
  • jQuery (overall confidence: 100%)
    script /jquery.*\.js/i
    env /^jQuery$/i

Page Statistics

Requests: 26 | HTTPS: 69 % | IPv6: 0 % | Domains: 7 | Subdomains: 8 | IPs: 7 | Countries: 1
Transfer: 1771 kB | Size: 2120 kB | Cookies: 4


Redirected requests

There was one HTTP redirect chain, from https://goo.gl/Hcz9r4?p=1 (301) to https://grutenmay.gq/?promo; it is listed under the primary request below.

26 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | grutenmay.gq/ | 26 KB | 27 KB | Document
Redirect Chain
  • https://goo.gl/Hcz9r4?p=1
  • https://grutenmay.gq/?promo
General
Full URL
https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45-0+deb7u11
Resource Hash
9eb7e574ec30befc7fe9e381d526b37e316da76ea691474e160f6a4adf6b0277

Request headers

:path
/?promo
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority
grutenmay.gq
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
server
cloudflare
x-powered-by
PHP/5.4.45-0+deb7u11
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
set-cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090; expires=Sun, 20-Jan-19 11:34:50 GMT; path=/; domain=.grutenmay.gq; HttpOnly; Secure
cf-ray
3e01ba18acbc97aa-FRA

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Sat, 20 Jan 2018 11:34:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://grutenmay.gq/?promo
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
175
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
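Set side by side, the 200 from grutenmay.gq and the 301 from goo.gl above make a useful contrast: the redirect carries HSTS with includeSubDomains and preload, X-Content-Type-Options and X-Frame-Options, while the landing page sends none of these and instead discloses its origin runtime through X-Powered-By: PHP/5.4.45-0+deb7u11 (PHP 5.4 stopped receiving upstream security fixes in 2015). The Python below is an added example, not part of the urlscan.io page: it audits both header sets, copied from this page, for missing hardening headers, version disclosure, cookie attributes and HSTS preload readiness. Which headers count as expected, and the one-year max-age threshold, are this example's own choices.

```python
"""Audit of the response headers recorded above.

Added example, not part of the urlscan.io page. The two header sets are
copied from the primary response (grutenmay.gq, 200) and the goo.gl
redirect (301) shown above; the list of expected hardening headers and
the HSTS threshold are this example's own choices.
"""
import re

PRIMARY_RESPONSE = {
    "server": "cloudflare",
    "x-powered-by": "PHP/5.4.45-0+deb7u11",
    "expect-ct": 'max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"',
    "content-type": "text/html",
    "set-cookie": "__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090; "
                  "expires=Sun, 20-Jan-19 11:34:50 GMT; path=/; domain=.grutenmay.gq; HttpOnly; Secure",
}

REDIRECT_RESPONSE = {
    "strict-transport-security": "max-age=63072000; includeSubDomains; preload",
    "x-content-type-options": "nosniff",
    "server": "GSE",
    "x-frame-options": "SAMEORIGIN",
    "content-type": "text/html; charset=UTF-8",
    "location": "https://grutenmay.gq/?promo",
    "cache-control": "no-cache, no-store, max-age=0, must-revalidate",
    "x-xss-protection": "1; mode=block",
}

# Assumption: the hardening headers this audit expects on an HTML response.
EXPECTED = ("strict-transport-security", "content-security-policy",
            "x-content-type-options", "x-frame-options")

# Headers that commonly disclose server software; a version looks like "5.4".
DISCLOSURE = ("server", "x-powered-by", "x-aspnet-version", "x-generator")
VERSION_RE = re.compile(r"\d+\.\d+")


def parse_set_cookie(value):
    """Split one Set-Cookie value into (cookie name, set of lowercase attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    return name, attrs


def hsts_max_age(value):
    m = re.search(r"max-age=(\d+)", value, re.I)
    return int(m.group(1)) if m else 0


def audit(headers):
    """Return findings as a dict; header names are compared case-insensitively."""
    h = {k.lower(): v for k, v in headers.items()}
    result = {
        "missing": [name for name in EXPECTED if name not in h],
        "version_disclosure": [f"{k}: {h[k]}" for k in DISCLOSURE
                               if k in h and VERSION_RE.search(h[k])],
        "weak_cookies": [],
        "hsts_preload_ready": False,
    }
    if "set-cookie" in h:
        name, attrs = parse_set_cookie(h["set-cookie"])
        lacking = [a for a in ("secure", "httponly", "samesite") if a not in attrs]
        if lacking:
            result["weak_cookies"].append((name, lacking))
    if "strict-transport-security" in h:
        v = h["strict-transport-security"].lower()
        # Assumption: one year of max-age plus includeSubDomains and preload.
        result["hsts_preload_ready"] = (hsts_max_age(v) >= 31536000
                                        and "includesubdomains" in v
                                        and "preload" in v)
    return result


if __name__ == "__main__":
    for label, hdrs in (("grutenmay.gq 200", PRIMARY_RESPONSE),
                        ("goo.gl 301", REDIRECT_RESPONSE)):
        print(label, audit(hdrs))
```

On the page's data the landing response is missing all four expected headers and leaks the PHP version, and its __cfduid cookie is Secure and HttpOnly but has no SameSite attribute; the goo.gl redirect lacks only a Content-Security-Policy and its HSTS value meets the preload criteria used here.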
css | fonts.googleapis.com/ | 2 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
SPDY
Server
172.217.21.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f10.1e100.net
Software
ESF /
Resource Hash
73a891cc27fe67cc95976d77049403a9d8569b88a3c0fcf456542317d0270fa0
Security Headers
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 1; mode=block

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 11:34:51 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Sat, 20 Jan 2018 11:34:51 GMT
jquery.js | grutenmay.gq/js/ | 55 KB | 19 KB | Script
General
Full URL
https://grutenmay.gq/js/jquery.js
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee6256d0e171c711b5bf4b4fb1d43e63933e780b342acb7af053f180385adfd

Request headers

:path
/js/jquery.js
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:51 GMT
server
cloudflare
etag
"3ea68-dde6-562460e5e7650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1097aa-FRA
content-length
19481
expires
Sat, 20 Jan 2018 15:34:51 GMT
jquery.min.js | grutenmay.gq/js/ | 94 KB | 33 KB | Script
General
Full URL
https://grutenmay.gq/js/jquery.min.js
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

:path
/js/jquery.min.js
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:53 GMT
server
cloudflare
etag
"3ea67-176f8-562460e74dca5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1197aa-FRA
content-length
33303
expires
Sat, 20 Jan 2018 15:34:51 GMT
OneSignalSDK.js | cdn.onesignal.com/sdks/ | 259 KB | 64 KB | Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
SPDY
Server
104.16.207.165 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d1e499476db27799e27d37bc4da25a139744d0ea67125ea7d7f444025f2071

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2018 21:39:41 GMT
server
cloudflare
etag
W/"5a62659d-40cdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
3e01ba1b0e106439-FRA
expires
Tue, 23 Jan 2018 11:34:51 GMT
js | www.googletagmanager.com/gtag/ | 55 KB | 19 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74686580-1
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
SPDY
Server
172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f232.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
f646371f6d788594d4f5b9cfad1c785af387844c0010079b45df28a0d9f4f71f
Security Headers
  X-Xss-Protection: 1; mode=block

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
19424
x-xss-protection
1; mode=block
expires
Sat, 20 Jan 2018 11:34:51 GMT
logo.png | www.assai.com.br/sites/all/themes/assai/ | 15 KB | 15 KB | Image
General
Full URL
https://www.assai.com.br/sites/all/themes/assai/logo.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
SPDY
Server
52.222.171.192 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-171-192.fra54.r.cloudfront.net
Software
nginx /
Resource Hash
aefda082c9f7b7fb394bf635da7a80cbada0f1e5cb4782fbc4eece52073fe960

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:33:57 GMT
via
1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2018 14:24:14 GMT
server
nginx
x-cache
Miss from cloudfront
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
15081
x-amz-cf-id
DlZ67LNkLrIvV8sfEBQIGnqkkVs0muTrdQQHvQsUIn1r0vubADvqMg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
spinBG.png | grutenmay.gq/imagens/ | 4 KB | 4 KB | Image
General
Full URL
https://grutenmay.gq/imagens/spinBG.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efe7d99c3e0c64ac6110538e24e2fb4b5ba1060df42ec5ac68347bc237cb9ae

Request headers

:path
/imagens/spinBG.png
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:35 GMT
server
cloudflare
etag
"3ea5f-114a-562460d63bb48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1297aa-FRA
content-length
4426
expires
Sat, 20 Jan 2018 15:34:51 GMT
spin-BR.png | grutenmay.gq/imagens/ | 1 MB | 1 MB | Image
General
Full URL
https://grutenmay.gq/imagens/spin-BR.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a219e6485e018f78e665cf5bc7840a6f87646542b58ca25552a515f6ae27a91

Request headers

:path
/imagens/spin-BR.png
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:37 GMT
server
cloudflare
etag
"3ea5d-133c30-562460d865697"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1397aa-FRA
content-length
1260592
expires
Sat, 20 Jan 2018 15:34:51 GMT
win.png | grutenmay.gq/imagens/ | 7 KB | 7 KB | Image
General
Full URL
https://grutenmay.gq/imagens/win.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26

Request headers

:path
/imagens/win.png
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:38 GMT
server
cloudflare
etag
"3ea61-1cbe-562460d976d8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1497aa-FRA
content-length
7358
expires
Sat, 20 Jan 2018 15:34:51 GMT
winP.png | grutenmay.gq/imagens/ | 7 KB | 7 KB | Image
General
Full URL
https://grutenmay.gq/imagens/winP.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d

Request headers

:path
/imagens/winP.png
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:38 GMT
server
cloudflare
etag
"3ea62-1b9e-562460d99712e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1597aa-FRA
content-length
7070
expires
Sat, 20 Jan 2018 15:34:51 GMT
1.jpg | grutenmay.gq/imagens/ | 4 KB | 4 KB | Image
General
Full URL
https://grutenmay.gq/imagens/1.jpg
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e3d4414a1abee3b2b2bb35c5af293a5832486526d014741cb593dbd4f9a768

Request headers

:path
/imagens/1.jpg
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:10:56 GMT
server
cloudflare
etag
"3ea50-fe3-562460b1528e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1697aa-FRA
content-length
4067
expires
Sat, 20 Jan 2018 15:34:51 GMT
2.jpg | grutenmay.gq/imagens/ | 4 KB | 5 KB | Image
General
Full URL
https://grutenmay.gq/imagens/2.jpg
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a53ec7286641124351dde4b145df2cc2a4799707467d290d73dbbab56d122a

Request headers

:path
/imagens/2.jpg
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:10:56 GMT
server
cloudflare
etag
"3ea51-11d3-562460b169041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1997aa-FRA
content-length
4563
expires
Sat, 20 Jan 2018 15:34:51 GMT
3.jpg | grutenmay.gq/imagens/ | 4 KB | 4 KB | Image
General
Full URL
https://grutenmay.gq/imagens/3.jpg
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
466d3be2b6f08dc1bc8b91a561edeeb30ced9e390629d8eba1ec407aa3453dc7

Request headers

:path
/imagens/3.jpg
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:10:57 GMT
server
cloudflare
etag
"3ea52-f64-562460b282439"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1b97aa-FRA
content-length
3940
expires
Sat, 20 Jan 2018 15:34:51 GMT
4.jpg | grutenmay.gq/imagens/ | 5 KB | 6 KB | Image
General
Full URL
https://grutenmay.gq/imagens/4.jpg
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
284f93747b1a3b17164e024424d3f77d532099d9dfa8d294d12d5b3ea69abae4

Request headers

:path
/imagens/4.jpg
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:10:59 GMT
server
cloudflare
etag
"3ea53-15d0-562460b3a3530"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1d97aa-FRA
content-length
5584
expires
Sat, 20 Jan 2018 15:34:51 GMT
5.jpg | grutenmay.gq/imagens/ | 4 KB | 4 KB | Image
General
Full URL
https://grutenmay.gq/imagens/5.jpg
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dadeb964efb7e29d9583dd1ce488ce470a7d2ebcded522c2f5bb49e3266bd1

Request headers

:path
/imagens/5.jpg
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:00 GMT
server
cloudflare
etag
"3ea54-e11-562460b4b9a48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1e97aa-FRA
content-length
3601
expires
Sat, 20 Jan 2018 15:34:51 GMT
6.jpg | grutenmay.gq/imagens/ | 2 KB | 2 KB | Image
General
Full URL
https://grutenmay.gq/imagens/6.jpg
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd596ad54e1d96fbdb3a749beb939b491325af92fc5c04c3d43a99a141497618

Request headers

:path
/imagens/6.jpg
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:00 GMT
server
cloudflare
etag
"3ea55-8c9-562460b535aa4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e1f97aa-FRA
content-length
2249
expires
Sat, 20 Jan 2018 15:34:51 GMT
pop.gif | grutenmay.gq/imagens/ | 284 KB | 285 KB | Image
General
Full URL
https://grutenmay.gq/imagens/pop.gif
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
23aea1321c87318e8c6ca96545b78dd2a1960e9428d191ca245cfefae97a73ee

Request headers

:path
/imagens/pop.gif
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:21 GMT
server
cloudflare
etag
"3ea5c-470b2-562460c89a790"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e2097aa-FRA
content-length
290994
expires
Sat, 20 Jan 2018 15:34:51 GMT
ewjpzrp.png | grutenmay.gq/imagens/ | 3 KB | 3 KB | Image
General
Full URL
https://grutenmay.gq/imagens/ewjpzrp.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03438aa5abe5f685d4fa633fa2119321c26db9a7e7526f4855111b0d39d87319

Request headers

:path
/imagens/ewjpzrp.png
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:03 GMT
server
cloudflare
etag
"3ea59-a6c-562460b756954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e2197aa-FRA
content-length
2668
expires
Sat, 20 Jan 2018 15:34:51 GMT
avast.png | grutenmay.gq/imagens/ | 14 KB | 14 KB | Image
General
Full URL
https://grutenmay.gq/imagens/avast.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be073b1cf7ff48fce642dd626c97d12bfebb17f402d592065a785396d58e798a

Request headers

:path
/imagens/avast.png
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2018 16:11:02 GMT
server
cloudflare
etag
"3ea58-3971-562460b71eeb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3e01ba1a6e2297aa-FRA
content-length
14705
expires
Sat, 20 Jan 2018 15:34:51 GMT
index.js | grutenmay.gq/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/ | 0 | 0 | Script
(A chrome-extension:// reference was resolved relative to the page origin, so the browser asked grutenmay.gq for it; the server answered 404 with text/html, and the page requested it twice.)
General
Full URL
https://grutenmay.gq/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
3e01ba1a6e2397aa-FRA
expires
Sat, 20 Jan 2018 15:34:51 GMT
index.js
grutenmay.gq/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/
0
0
Script
General
Full URL
https://grutenmay.gq/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
pragma
no-cache
cookie
__cfduid=d8767f37a8fdab70e0a505bcc6e42e16a1516448090
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
grutenmay.gq
referer
https://grutenmay.gq/?promo
:scheme
https
:method
GET
Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
public, max-age=14400
cf-ray
3e01ba1afe9697aa-FRA
expires
Sat, 20 Jan 2018 15:34:51 GMT
bg-header.png
www.assai.com.br/sites/all/themes/assai/styles/images/
337 B
658 B
Image
General
Full URL
https://www.assai.com.br/sites/all/themes/assai/styles/images/bg-header.png
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
SPDY
Server
52.222.171.192 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-171-192.fra54.r.cloudfront.net
Software
nginx /
Resource Hash
43b8c788f6cf218ab96de50b2c3e540e6df375031bff01e3c3e389ea2f9fd8af

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:33:57 GMT
via
1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2018 14:24:21 GMT
server
nginx
x-cache
Miss from cloudfront
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
337
x-amz-cf-id
j-mSysFjqRE8M_HUfbwyusHScKYg1GS-QnODfvpQfM5Mz_BPQhh8_w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
956ab37f55cad461d2b44457dd3ae9ce4f87af031c0c889e3c703d4636c74503

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
analytics.js
www.google-analytics.com/
35 KB
15 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74686580-1
Protocol
SPDY
Server
172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f238.1e100.net
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
5976
date
Sat, 20 Jan 2018 09:55:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Sat, 20 Jan 2018 11:55:15 GMT
collect
www.google-analytics.com/r/
35 B
199 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1279799421&t=pageview&_s=1&dl=https%3A%2F%2Fgrutenmay.gq%2F%3Fpromo&ul=en-us&de=UTF-8&dt=Nova%20chance%20de%20ganhar%2040.000%2C00%20reais%20em%20pr%C3%AAmios%20do%20Assai%20Atacadista%20na%20roleta%20da%20sorte!!!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=819904855&gjid=1746533888&cid=857523377.1516448091&tid=UA-74686580-1&_gid=1340564662.1516448091&_r=1&gtm=uc5&z=1062079730
Requested by
Host: grutenmay.gq
URL: https://grutenmay.gq/?promo
Protocol
SPDY
Server
172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f238.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2018 11:34:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/5ec5b81e-0546-41ec-a588-9072d7c0ca10/
2 KB
1 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/5ec5b81e-0546-41ec-a588-9072d7c0ca10/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
SPDY
Server
104.16.207.165 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.1.4
Resource Hash
20140d75bdd2cca46119ba1efca4110cd704cfb300287e58c2212705174c6456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grutenmay.gq/?promo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Sat, 20 Jan 2018 11:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Phusion Passenger 5.1.4
status
200
x-xss-protection
1; mode=block
x-request-id
c890992d-4b0b-4626-a2a7-51f45ccc52ba
x-runtime
0.028515
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
3e01ba1b7e3e6439-FRA
access-control-allow-headers
SDK-Version

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     onafterprint
object     onbeforeprint
function   $
function   jQuery
function   OneSignal
object     STRONG
function   incrementValue
function   fn1
function   gtag
object     dataLayer
function   spinnerAction
function   startSpin
function   spin2
function   FBcom
object     d
object     weekday
undefined  myarray
undefined  showMessage
undefined  image
boolean    spin2enabled
object     google_tag_manager
function   setCookie1
function   getCookie1
function   completealert
function   cmnts
function   random
function   checkZero
function   timer1
string     GoogleAnalyticsObject
function   ga
object     gaplugins
object     gaGlobal
object     gaData
number     __oneSignalSdkLoadCount
function   __jp0

4 Cookies

Domain/Path      Name                       Value
.grutenmay.gq/   _gid                       GA1.2.1340564662.1516448091
.grutenmay.gq/   _ga                        GA1.2.857523377.1516448091
.grutenmay.gq/   _gat_gtag_UA_74686580_1    1
.grutenmay.gq/   __cfduid                   d8767f37a8fdab70e0a505bcc6e42e16a1516448090

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
fonts.googleapis.com
goo.gl
grutenmay.gq
onesignal.com
www.assai.com.br
www.google-analytics.com
www.googletagmanager.com
104.16.207.165
104.31.77.249
172.217.21.232
172.217.21.234
172.217.21.238
52.222.171.192
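The Indicators list above is the de-duplicated set of hosts, IPs and hashes taken from the transactions. The script below is an added example, not urlscan.io code: it parses a flattened dump in this page's one-field-per-line format into records, rebuilds those indicator sets, and runs three review heuristics that this scan's own transactions suggest: a main domain on a free-registration TLD, a request whose path embeds another URL scheme (the `chrome-extension://…/index.js` reference above, which the origin answered with a 404, i.e. a relative reference that the browser resolved against the page origin), and imagery hot-linked from an unrelated site (the assai.com.br header image loaded by grutenmay.gq). `SAMPLE_DUMP` is a constructed excerpt of the transactions on this page; `FREE_TLDS`, `INFRA_SUFFIXES` and the record field names are the example's own assumptions. None of the flags is a verdict, and the scan itself records no classification.

```python
"""Parse a urlscan.io-style flattened transaction dump (one label or value per
line, as on this page) into records, rebuild the indicator sets and run three
review heuristics. Added example, not urlscan.io code: SAMPLE_DUMP is a
constructed excerpt of this page's transactions; FREE_TLDS and INFRA_SUFFIXES
are assumed heuristic lists, not anything the scan defines."""
import re
from urllib.parse import urlsplit

SAMPLE_DUMP = """\
Full URL
https://grutenmay.gq/chrome-extension://hhojmcideegachlhfgfdhailpfhgknjm/web_accessible_resources/index.js
Requested by
Host: grutenmay.gq
Server
104.31.77.249 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Resource Hash

status
404
content-type
text/html; charset=iso-8859-1
bg-header.png
www.assai.com.br/sites/all/themes/assai/styles/images/
Full URL
https://www.assai.com.br/sites/all/themes/assai/styles/images/bg-header.png
Requested by
Host: grutenmay.gq
Server
52.222.171.192 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Resource Hash
43b8c788f6cf218ab96de50b2c3e540e6df375031bff01e3c3e389ea2f9fd8af
status
200
content-type
image/png
"""

IP_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\b")
SHA256_RE = re.compile(r"^[0-9a-f]{64}$")
SCHEME_IN_PATH_RE = re.compile(r"/[a-z][a-z0-9+.-]*://")  # e.g. "/chrome-extension://"
FREE_TLDS = {"tk", "ml", "ga", "cf", "gq"}                 # assumption: free-registration TLDs
INFRA_SUFFIXES = ("google-analytics.com", "googletagmanager.com", "onesignal.com", "googleapis.com")  # assumed


def parse_dump(text):
    """Each record starts at a 'Full URL' label and runs to the next one; the
    filename and directory lines that precede a record are simply skipped."""
    lines = [l.strip() for l in text.splitlines()]
    starts = [i for i, l in enumerate(lines) if l == "Full URL"]
    records = []
    for n, start in enumerate(starts):
        chunk = lines[start:starts[n + 1] if n + 1 < len(starts) else len(lines)]
        rec = {"url": chunk[1] if len(chunk) > 1 else "", "requested_by": None,
               "ip": None, "hash": None, "status": None, "content_type": None}
        for key, nxt in zip(chunk, chunk[1:]):  # label line followed by its value line
            if key == "Requested by" and nxt.startswith("Host: "):
                rec["requested_by"] = nxt[len("Host: "):]
            elif key == "Server" and (m := IP_RE.match(nxt)):
                rec["ip"] = m.group(1)
            elif key == "Resource Hash" and SHA256_RE.match(nxt):
                rec["hash"] = nxt          # an empty value (e.g. after a 404) stays None
            elif key == "status" and nxt.isdigit():
                rec["status"] = int(nxt)
            elif key == "content-type":
                rec["content_type"] = nxt
        records.append(rec)
    return records


def indicators(records):
    """De-duplicated domains, IPs and hashes, as in the page's Indicators list."""
    out = {"domains": set(), "ips": set(), "hashes": set()}
    for r in records:
        out["domains"].update(h for h in (urlsplit(r["url"]).hostname, r["requested_by"]) if h)
        out["ips"].update(filter(None, [r["ip"]]))
        out["hashes"].update(filter(None, [r["hash"]]))
    return {k: sorted(v) for k, v in out.items()}


def same_site(host, page_host):
    return host == page_host or host.endswith("." + page_host)


def review(records, page_host):
    """Heuristic flags for analyst review; none of them by itself proves malice."""
    findings = []
    if page_host.rsplit(".", 1)[-1] in FREE_TLDS:
        findings.append(f"free-tld: {page_host}")
    for r in records:
        parts = urlsplit(r["url"])
        host = parts.hostname or ""
        if SCHEME_IN_PATH_RE.search(parts.path):
            # A scheme inside the path means a relative reference was resolved
            # against the page origin (here a chrome-extension:// script URL).
            findings.append(f"scheme-in-path: {parts.path} -> HTTP {r['status']}")
        if (r["requested_by"] == page_host and host and not same_site(host, page_host)
                and not host.endswith(INFRA_SUFFIXES)
                and (r["content_type"] or "").startswith("image/")):
            # Imagery hot-linked from an unrelated site; notable when the page
            # text also names that site's brand.
            findings.append(f"third-party-image: {host} loaded by {page_host}")
    return findings
```

Run `review(parse_dump(SAMPLE_DUMP), "grutenmay.gq")` to get the three flags for this scan; paste a fuller copy of the transaction listing into `SAMPLE_DUMP` to cover all 26 requests. The `same_site` check is deliberately naive (suffix match on the page host, no public-suffix list), so treat it as a triage aid rather than an origin test.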