Submitted URL: http://elisbi.live/76d2g8t0136295/MzQ1szS3MDayMDAxMzIwMdUzTbE0SEtJM0i1TDFIcdADAA,,/ih/aHR0cDovL2hhcmR0YWlsLW10Yi5iZ...
Effective URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62...
Submission: On September 30 via api from BE

Summary

This website contacted 17 IPs in 5 countries across 21 domains to perform 60 HTTP transactions. The main IP is 35.244.205.206, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is www.iqplaywin.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 5th 2019. Valid for: 3 months.
This is the only time www.iqplaywin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2001:41d0:701... 16276 (OVH)
1 1 51.75.67.102 16276 (OVH)
2 4 18.195.30.247 16509 (AMAZON-02)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
6 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 54.200.87.201 16509 (AMAZON-02)
22 35.244.205.206 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 35.244.175.13 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
60 17
Domain Requested by
22 www.iqplaywin.com citines-boutlet.com
www.iqplaywin.com
code.jquery.com
ajax.googleapis.com
6 secure.soupdog.space p.t67.me
secure.soupdog.space
6 ajax.googleapis.com p.t67.me
secure.soupdog.space
www.iqplaywin.com
3 connect.facebook.net www.iqplaywin.com
connect.facebook.net
3 maxcdn.bootstrapcdn.com www.iqplaywin.com
3 fonts.googleapis.com www.iqplaywin.com
2 srv.ibraincollege.com www.iqplaywin.com
ajax.googleapis.com
2 www.facebook.com www.iqplaywin.com
2 www.google-analytics.com www.googletagmanager.com
www.iqplaywin.com
2 bat.bing.com www.iqplaywin.com
2 app.logictree.co 1 redirects secure.soupdog.space
2 p.t67.me p.t67.me
1 fonts.gstatic.com ajax.googleapis.com
1 www.googletagmanager.com www.iqplaywin.com
1 code.jquery.com www.iqplaywin.com
1 www.24t7.me
1 citines-boutlet.com app.logictree.co
1 apidata.info p.t67.me
1 app.1stimpression.club 1 redirects
1 downhill-mtb.eu 1 redirects
1 hardtail-mtb.be 1 redirects
1 elisbi.live 1 redirects
60 22

This site contains no links.

Subject | Issuer | Validity | Valid
sni45886.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-16 - 2020-03-24 | 6 months
*.googleapis.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months
sni162576.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-05 - 2020-03-13 | 6 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-04-26 - 2020-04-26 | a year
app.logictree.co | Sectigo RSA Domain Validation Secure Server CA | 2019-03-13 - 2020-03-12 | a year
citines-boutlet.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-22 - 2020-07-20 | a year
www.iqplaywin.com | Let's Encrypt Authority X3 | 2019-09-05 - 2019-12-04 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months
www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years
srv.ibraincollege.com | Let's Encrypt Authority X3 | 2019-09-07 - 2019-12-06 | 3 months
*.google.com | GTS CA 1O1 | 2019-09-05 - 2019-11-28 | 3 months

This page contains 1 frames:

Primary Page: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Frame ID: B847301FDD0945F86B8D1F28B1AB91A1
Requests: 60 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
  • script /angular.*\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 60
HTTPS: 98 %
IPv6: 75 %
Domains: 21
Subdomains: 22
IPs: 17
Countries: 5
Transfer: 1526 kB
Size: 2415 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://elisbi.live/76d2g8t0136295/MzQ1szS3MDayMDAxMzIwMdUzTbE0SEtJM0i1TDFIcdADAA,,/ih/aHR0cDovL2hhcmR0YWlsLW10Yi5iZS9QbHhJbkp3SEpLd2lxdFJvUQ HTTP 302
    http://hardtail-mtb.be/PlxInJwHJKwiqtRoQ HTTP 302
    https://downhill-mtb.eu/aff_c?offer_id=6630&aff_id=3288&aff_sub=1735&aff_sub2=GOVH3-280408&aff_sub3=1 HTTP 302
    https://app.1stimpression.club/909e5e1a-f2e5-4ce4-9418-851f67b6c0c2?s1=1735&s2=GOVH3-280408 HTTP 302
    https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 Page URL
  2. https://app.logictree.co/5a9cbb17-6980-489d-b1a4-9a84dc314c52?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 HTTP 302
    https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 Page URL
  3. https://app.logictree.co/click?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke Page URL
  4. https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl&ts=1569828172645&hash=QHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8&rm=DJ Page URL
  5. https://www.24t7.me/ln/0tJk8ED4236?clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke HTTP 302
    https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://elisbi.live/76d2g8t0136295/MzQ1szS3MDayMDAxMzIwMdUzTbE0SEtJM0i1TDFIcdADAA,,/ih/aHR0cDovL2hhcmR0YWlsLW10Yi5iZS9QbHhJbkp3SEpLd2lxdFJvUQ HTTP 302
  • http://hardtail-mtb.be/PlxInJwHJKwiqtRoQ HTTP 302
  • https://downhill-mtb.eu/aff_c?offer_id=6630&aff_id=3288&aff_sub=1735&aff_sub2=GOVH3-280408&aff_sub3=1 HTTP 302
  • https://app.1stimpression.club/909e5e1a-f2e5-4ce4-9418-851f67b6c0c2?s1=1735&s2=GOVH3-280408 HTTP 302
  • https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Request Chain 4
  • https://app.logictree.co/5a9cbb17-6980-489d-b1a4-9a84dc314c52?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2 HTTP 302
  • https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
p.t67.me/l/
Redirect Chain
  • http://elisbi.live/76d2g8t0136295/MzQ1szS3MDayMDAxMzIwMdUzTbE0SEtJM0i1TDFIcdADAA,,/ih/aHR0cDovL2hhcmR0YWlsLW10Yi5iZS9QbHhJbkp3SEpLd2lxdFJvUQ
  • http://hardtail-mtb.be/PlxInJwHJKwiqtRoQ
  • https://downhill-mtb.eu/aff_c?offer_id=6630&aff_id=3288&aff_sub=1735&aff_sub2=GOVH3-280408&aff_sub3=1
  • https://app.1stimpression.club/909e5e1a-f2e5-4ce4-9418-851f67b6c0c2?s1=1735&s2=GOVH3-280408
  • https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
349 B
423 B
Document
General
Full URL
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d

Request headers

:method
GET
:authority
p.t67.me
:scheme
https
:path
/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Mon, 30 Sep 2019 07:22:51 GMT
content-type
text/html
set-cookie
__cfduid=ddde38f82e9fb34cc0f36cd8f8a63cfa31569828171; expires=Tue, 29-Sep-20 07:22:51 GMT; path=/; domain=.t67.me; HttpOnly
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51e472b9eefecb98-VIE
content-encoding
br

Redirect headers

Server
nginx
Date
Mon, 30 Sep 2019 07:22:51 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Pragma
no-cache
Set-Cookie
909e5e1a-f2e5-4ce4-9418-851f67b6c0c2-v4=909e5e1a-f2e5-4ce4-9418-851f67b6c0c2;Max-Age=86400;Expires=Tue, 01-Oct-2019 07:22:51 GMT;domain=app.1stimpression.club;path=/;HttpOnly cc-v4=eoa70fVRHKFxyOVAvl18Rc4iKzIwYZPEaM9BSo4zKno1OBkfVQMCK0G3D3cRw1%2Bja1bzRKFfQRnKQA2wALO2jNhU1AhJ13ro6tjoWiK7eI60QCp8UMgtuoXc7Lc5mJkl0Qemyb4Q1SCC4c0KWKR2IA%3D%3D;Max-Age=31536000;Expires=Tue, 29-Sep-2020 07:22:51 GMT;domain=app.1stimpression.club;path=/;HttpOnly
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: p.t67.me
URL: https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 03:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3298691
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Aug 2020 03:04:40 GMT
js
apidata.info/
795 B
618 B
Script
General
Full URL
https://apidata.info/js
Requested by
Host: p.t67.me
URL: https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:659a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f74b96a814b05ee57d3df99280aa1749b05773c2ceb062a10367c64730d970

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:51 GMT
content-encoding
br
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
3600
cf-ray
51e472ba9b97cba0-VIE
access-control-allow-headers
X-Requested-With
logic_tree.js
p.t67.me/l/
9 KB
2 KB
Script
General
Full URL
https://p.t67.me/l/logic_tree.js
Requested by
Host: p.t67.me
URL: https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e8454951e0c6bc35be78b8603b9994d5eb2823b22484ac5fefa9a08bd14190

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
server
cloudflare
age
6740
etag
W/"5d8dc9d6-2479"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51e472ba3ff9cb98-VIE
expires
Mon, 30 Sep 2019 11:22:51 GMT
/
secure.soupdog.space/lp/load/1b/
Redirect Chain
  • https://app.logictree.co/5a9cbb17-6980-489d-b1a4-9a84dc314c52?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
  • https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9...
2 KB
1 KB
Document
General
Full URL
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Requested by
Host: p.t67.me
URL: https://p.t67.me/l/logic_tree.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a821bc4fb42646c81f591fbb80c07c6a31ca0e28e27e620ccae6a0db74acc76c

Request headers

:method
GET
:authority
secure.soupdog.space
:scheme
https
:path
/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://p.t67.me/l/?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Mon, 30 Sep 2019 07:22:52 GMT
content-type
text/html
set-cookie
__cfduid=d7bb8d75a6681d0386a2c54f9f802340f1569828172; expires=Tue, 29-Sep-20 07:22:52 GMT; path=/; domain=.soupdog.space; HttpOnly
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51e472bc7f5559b2-VIE
content-encoding
br

Redirect headers

Server
nginx
Date
Mon, 30 Sep 2019 07:22:52 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Pragma
no-cache
Set-Cookie
5a9cbb17-6980-489d-b1a4-9a84dc314c52-v4=5a9cbb17-6980-489d-b1a4-9a84dc314c52;Max-Age=86400;Expires=Tue, 01-Oct-2019 07:22:52 GMT;domain=app.logictree.co;path=/;HttpOnly cep-v4=8KZZHmzx2O3RTD87dzrJZCCpvdoS4s1rgLZkTpg8EevSEBygl_sT38rCs5FeJXR-6LuTKdY5rxmILNCEAvSqzeNoiY1HGYHacs_UVe5auNCOVjHtVNiA8fxHdHmde29BrD7mnTtd9mmlhvZWGtOPjDxuEeV1XmLuJstm0Y5yX1fnvPIDZwOCzHN-BoNmOpEA9aL1IysDJhQMW1Xw-3quGtrAsvvIX2R4VUQCc0N_uv6ZIgr2QEQF_Wq7IfYjE43yzuywq-kMs8sJc5DZmGudNUto71haJodXeVVX3714rhV84jExd8ucrx2Y4kOZ3MqPx4d4f2jHS92RIjm2gE2yTpozmi-AYNky7_aMyeXQJ6Fati06iNlnIiElkQtpHv2V2tKM2WOBKitXmjRi41l6bkKKoPYaPd66H1YEE2ukd1cvKLKNgKCg7HB0XkiEGHJ396oJDk8ELkrGHGhJaUiUj2ljdt2A2y3ljM4coWDrV8tnEK28gFd5gpMXKi-mUnvDd6_41_nroaJRh4tNMbIenw;Max-Age=86400;Expires=Tue, 01-Oct-2019 07:22:52 GMT;domain=app.logictree.co;path=/;HttpOnly
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 09:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3017143
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Aug 2020 09:17:09 GMT
loader.gif
secure.soupdog.space/lp/load/1b/img/
51 KB
51 KB
Image
General
Full URL
https://secure.soupdog.space/lp/load/1b/img/loader.gif
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:52 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
server
cloudflare
age
6018
etag
"5d8dc9d6-cc19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51e472bcef8859b2-VIE
content-length
52249
expires
Mon, 30 Sep 2019 11:22:52 GMT
url-pixel.png
secure.soupdog.space/lp/load/1b/
95 B
177 B
Image
General
Full URL
https://secure.soupdog.space/lp/load/1b/url-pixel.png
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:52 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
server
cloudflare
age
6018
etag
"5d8dc9d6-5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51e472bcef8959b2-VIE
content-length
95
expires
Mon, 30 Sep 2019 11:22:52 GMT
gotoURL.js
secure.soupdog.space/script/
3 KB
901 B
Script
General
Full URL
https://secure.soupdog.space/script/gotoURL.js
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffa9dde1f943aee27f1a1c333b65b4cd1d85e0575988446088b1bb63e00bebb

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
server
cloudflare
age
6018
etag
W/"5d8dc9d6-bf4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51e472bd1f9d59b2-VIE
expires
Mon, 30 Sep 2019 11:22:52 GMT
bckbtn.js
secure.soupdog.space/script/
1012 B
523 B
Script
General
Full URL
https://secure.soupdog.space/script/bckbtn.js
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
server
cloudflare
age
3291
etag
W/"5d8dc9d6-3f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51e472bd3fae59b2-VIE
expires
Mon, 30 Sep 2019 11:22:52 GMT
swgfonts.js
secure.soupdog.space/script/
965 B
522 B
Script
General
Full URL
https://secure.soupdog.space/script/swgfonts.js
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:46e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 08:35:34 GMT
server
cloudflare
age
6017
etag
W/"5d8dc9d6-3c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51e472bd5fcc59b2-VIE
expires
Mon, 30 Sep 2019 11:22:52 GMT
Cookie set click
app.logictree.co/
1 KB
2 KB
Document
General
Full URL
https://app.logictree.co/click?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Requested by
Host: secure.soupdog.space
URL: https://secure.soupdog.space/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&cep=LM_w014tebMAKz0pJPAIuil6dqW1-zxCdiJqonpD8UqC2pumXijP5R_WjA7yVIN9C6bya_DjqH8wgBE9mPHRElPocdhDEDt6p0RYBxt9KZUejJg6rTu9J_4Q1tn8OVi7-zMkTUYy0ta_9ZDETer2MZgv4w_-y5PMqEDpYgBSouhKVS32SIiXBJptXeJBLYT1659dWogzvTNfGBtMin6CW1dNbmnv3zNKY7aPGHPrrNkhnTwtO1o93PHSm7txYUs_Xk26Q6I7l24uFqZL32P1TKB5Oz-NStRyU3kl75sTFAr5mH6H4risAIarl5tWSAwhagTi5lwXiIf1SngXsvn2xoP4wvyG1n6QDYk85Cb5ZmkW_xi2BJhHJ5UPpMcbrdVPvvyd5Ly4xBDsIVxa-WcXi_5J2PAT5GIoBTVBkaNQrHGsgTC26uDdSRP70_eRMo4EJS-LzA63FgVJCw__uFbA6thVTfHNR6JSv8ZCV9kggCImPBUmT9mztsNlJ8sdE13nzEGh5VrWgH_lkIKqim4vww&lptoken=1561698b825d999872e0&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke&s6=1&s7=ROOT&s8=VOL&s9=978488ff-d62c-44cc-8908-6b205c0aebb2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.30.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-30-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6fd7503d8348653e3bd161f7f81e58689be98627cc483ccd134ea0fea2b3aea7

Request headers

Host
app.logictree.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Cookie
5a9cbb17-6980-489d-b1a4-9a84dc314c52-v4=5a9cbb17-6980-489d-b1a4-9a84dc314c52; cep-v4=8KZZHmzx2O3RTD87dzrJZCCpvdoS4s1rgLZkTpg8EevSEBygl_sT38rCs5FeJXR-6LuTKdY5rxmILNCEAvSqzeNoiY1HGYHacs_UVe5auNCOVjHtVNiA8fxHdHmde29BrD7mnTtd9mmlhvZWGtOPjDxuEeV1XmLuJstm0Y5yX1fnvPIDZwOCzHN-BoNmOpEA9aL1IysDJhQMW1Xw-3quGtrAsvvIX2R4VUQCc0N_uv6ZIgr2QEQF_Wq7IfYjE43yzuywq-kMs8sJc5DZmGudNUto71haJodXeVVX3714rhV84jExd8ucrx2Y4kOZ3MqPx4d4f2jHS92RIjm2gE2yTpozmi-AYNky7_aMyeXQJ6Fati06iNlnIiElkQtpHv2V2tKM2WOBKitXmjRi41l6bkKKoPYaPd66H1YEE2ukd1cvKLKNgKCg7HB0XkiEGHJ396oJDk8ELkrGHGhJaUiUj2ljdt2A2y3ljM4coWDrV8tnEK28gFd5gpMXKi-mUnvDd6_41_nroaJRh4tNMbIenw

Response headers

Server
nginx
Date
Mon, 30 Sep 2019 07:22:52 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
1112
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
cc-v4=aGrFa4t7RExJL04RqhGB59ZZ%2B%2FIrzw0C9jqZmCxaS70MQ87yxiUywFTwUE1oTyfvJ33V2skkB8ZOuylJF%2Fq4nH1g9eahaS%2BT36AS7eXx6qoQSvQfcM7d7HsZ7%2Fra7dXDZ0BN4%2BdZuViqmctEPZPF5Q%3D%3D;Max-Age=31536000;Expires=Tue, 29-Sep-2020 07:22:52 GMT;domain=app.logictree.co;path=/;HttpOnly
redirect
citines-boutlet.com/
718 B
993 B
Document
General
Full URL
https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl&ts=1569828172645&hash=QHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8&rm=DJ
Requested by
Host: app.logictree.co
URL: https://app.logictree.co/click?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.30.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-30-247.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e137812d0739f47b90bf637dd659b3882e13e5047a1ac2203a55aac8f665f1dc

Request headers

Host
citines-boutlet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://app.logictree.co/click?s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Mon, 30 Sep 2019 07:22:52 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
718
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
0tJk8ED4236
www.24t7.me/ln/
0
0

Primary Request welcome.html
www.iqplaywin.com/
Redirect Chain
  • https://www.24t7.me/ln/0tJk8ED4236?clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4...
  • https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-...
5 KB
5 KB
Document
General
Full URL
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Requested by
Host: citines-boutlet.com
URL: https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl&ts=1569828172645&hash=QHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8&rm=DJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7128eb4da794fa16439a604286b05df140a57559c726f990a94be9497b50aa7

Request headers

:method
GET
:authority
www.iqplaywin.com
:scheme
https
:path
/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl&ts=1569828172645&hash=QHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8&rm=DJ
accept-encoding
gzip, deflate, br

Response headers

status
200
x-guploader-uploadid
AEnB2UqWTC-P5K1E60grO1qIiuhG7oPghQkJdPb-1yNZyUI9K_rDl1DsZBH23Up1uXGz0ZjJsafziLF7YpvfqLreLsITBJwIpw
expires
Mon, 30 Sep 2019 07:22:53 GMT
date
Mon, 30 Sep 2019 07:22:53 GMT
cache-control
private, max-age=0
last-modified
Tue, 10 Sep 2019 14:21:02 GMT
etag
"7227a7b394d81e1ade79221b3c7954f6"
x-goog-generation
1568125262231596
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
4942
content-type
text/html
x-goog-hash
crc32c=/7HY1A== md5=ciens5TYHhreeSIbPHlU9g==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
content-length
4942
server
UploadServer
alt-svc
clear

Redirect headers

status
302
date
Mon, 30 Sep 2019 07:22:53 GMT
content-type
text/plain
content-length
0
location
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
server
Apache-Coyote/1.1
consts.js
www.iqplaywin.com/consts/
69 B
333 B
Script
General
Full URL
https://www.iqplaywin.com/consts/consts.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97a722cd1196db8eb0af4fe26c46a57f05b096edaa8d13f4dfce0a6e96b6f6df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
x-guploader-uploadid
AEnB2Ur7QGZq77tQEZHB_IiWHIHsFG5Tj9ZO7noga9JLcomkRZR5XHADJLhhCFZApKGTFkRBCnUASTr85kRyteY1X1QUP7DZNg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
69
last-modified
Tue, 10 Sep 2019 14:07:18 GMT
server
UploadServer
etag
"43b3aa52fbaabf46d70b8d1c33c2213f"
x-goog-hash
crc32c=5XHM4Q==, md5=Q7OqUvuqv0bXC40cM8IhPw==
x-goog-generation
1568124438288909
cache-control
private, max-age=0
x-goog-stored-content-length
69
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 30 Sep 2019 07:22:53 GMT
preAppLoading.js
www.iqplaywin.com/
5 KB
5 KB
Script
General
Full URL
https://www.iqplaywin.com/preAppLoading.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0aca4d9a24457b20e9627b3b099620a5ec63596586c481f79874bf83031eb13

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
x-guploader-uploadid
AEnB2UrX4kee83htC4T8Gzr9cHagLBnQPZZQsihdlZ6xOhMmC8oIwA5pkqwcREBvHKg2UXgEdx2J_b4VIpB-yS2udcX7scO54A
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
4783
last-modified
Tue, 10 Sep 2019 14:21:01 GMT
server
UploadServer
etag
"82bb4f1c26f5a9a0797fff3f8b85e48f"
x-goog-hash
crc32c=M7thsQ==, md5=grtPHCb1qaB5f/8/i4Xkjw==
x-goog-generation
1568125261254808
cache-control
private, max-age=0
x-goog-stored-content-length
4783
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 30 Sep 2019 07:22:53 GMT
icon
fonts.googleapis.com/
574 B
373 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Sep 2019 07:22:53 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 30 Sep 2019 07:22:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 30 Sep 2019 07:22:53 GMT
css
fonts.googleapis.com/
1 KB
468 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Mada:400,700
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
616eac8cc9b52ab1b0a15be3c65efe0f42a573c2fb20613ee822b92a8fe73756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Sep 2019 07:22:53 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 30 Sep 2019 07:22:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 30 Sep 2019 07:22:53 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
jquery-3.1.0.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.1.0.min.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 07:22:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 21:45:52 GMT
Server
nginx
ETag
W/"577ecd90-1514f"
Vary
Accept-Encoding
X-HW
1569828173.dop134.fr8.shc,1569828173.dop134.fr8.t,1569828173.cds003.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30019
fingerprintjs2.js
www.iqplaywin.com/
35 KB
36 KB
Script
General
Full URL
https://www.iqplaywin.com/fingerprintjs2.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
x-guploader-uploadid
AEnB2Uod0CU7VNGv8IR_AwCLwKK5yd1JOoUanE9r-gLju5HA83-07G0Hh7P9fHBFNySho9rUBVAI5NbmxM4C29tzL6x-UOikbg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
36185
last-modified
Tue, 10 Sep 2019 14:20:58 GMT
server
UploadServer
etag
"68ab45bd98459cb766f3ab26d086e5f5"
x-goog-hash
crc32c=OuDATw==, md5=aKtFvZhFnLdm86sm0Ibl9Q==
x-goog-generation
1568125258312231
cache-control
private, max-age=0
x-goog-stored-content-length
36185
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 30 Sep 2019 07:22:53 GMT
angular.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/
156 KB
55 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 13:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3001475
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
56572
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Aug 2020 13:38:18 GMT
angular-animate.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/
25 KB
9 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 01:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2784445
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9274
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Aug 2020 01:55:28 GMT
angular-sanitize.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/
26 KB
8 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-sanitize.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 15:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2996155
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8207
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Aug 2020 15:06:58 GMT
angular-resource.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/
4 KB
2 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-resource.min.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 18:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2294054
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2231
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Sep 2020 18:08:39 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
css-all-min.css
www.iqplaywin.com/minified/css/
50 KB
50 KB
Stylesheet
General
Full URL
https://www.iqplaywin.com/minified/css/css-all-min.css
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8a24f4329046ed547cc4a0c95bb73180763ec884bee071857bab1469a00b80e3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
x-guploader-uploadid
AEnB2UpiBBc9fqwTPFcS-BukOvcIdPCWkv9TjEwesGTQV-gykwCt7rKziDPAIaxy_23qIJgJHbW4zaMUVyrFlqv0KhyOsMp2xA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
51208
last-modified
Tue, 10 Sep 2019 14:20:55 GMT
server
UploadServer
etag
"c2f33a76f3053193c64fb571fe3651fa"
x-goog-hash
crc32c=rpikaQ==, md5=wvM6dvMFMZPGT7Vx/jZR+g==
x-goog-generation
1568125255343952
cache-control
private, max-age=0
x-goog-stored-content-length
51208
accept-ranges
bytes
content-type
text/css
expires
Mon, 30 Sep 2019 07:22:53 GMT
js-all-min.js
www.iqplaywin.com/minified/js/
11 KB
11 KB
Script
General
Full URL
https://www.iqplaywin.com/minified/js/js-all-min.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8e2f993f2b6de765a61e278573554db0964160a365779f200b5cb315b4697d88

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
x-guploader-uploadid
AEnB2UpTv2zvJiBszDFoytLTqMPCA4eAb6VoovM549TB9eqTQBVJNrp0BL4xmaIWF5_4G07N4NwH2ec1sl5ZLyfKGbPrEL3EoQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
11105
last-modified
Tue, 10 Sep 2019 14:20:56 GMT
server
UploadServer
etag
"3d2db513eac1b9d8a6bf792d464c8569"
x-goog-hash
crc32c=r5vObg==, md5=PS21E+rBudimv3ktRkyFaQ==
x-goog-generation
1568125256272765
cache-control
private, max-age=0
x-goog-stored-content-length
11105
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 30 Sep 2019 07:22:53 GMT
gtm.js
www.googletagmanager.com/
55 KB
21 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W5CPMVX
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf4c6d62e41d00e93082c134a0501630fa33253318a3867fa57ee19643c1332c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
content-encoding
br
last-modified
Mon, 30 Sep 2019 06:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21102
x-xss-protection
0
expires
Mon, 30 Sep 2019 07:22:53 GMT
fbevents.js
connect.facebook.net/en_US/
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
mqD9eA5dxcom5W4bATaXcBcX9eTSStLXLedXZeLZ58yNtpRbXwJYWT8k+rl3toqddoine7Tv3qaJrZkxKU7fHQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 30 Sep 2019 07:22:53 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 1FED531DD8F948C38DE0E4D23334EFE5 Ref B: VIEEDGE1207 Ref C: 2019-09-30T07:22:53Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
596950890744347
connect.facebook.net/signals/config/
307 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/596950890744347?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5484dfcc1a06c9a24b1718980d1658662efe55a3693ae99be5e69d070455c121
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79753
x-xss-protection
0
pragma
public
x-fb-debug
ckGiMs8Xi7xCigEpsQw9dA94HKM5emRcnLVawYYHWd1qKkOL3V41yv2TKR7Ny3XiNG0T+xhjs1jlqA8HHge22A==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 30 Sep 2019 07:22:53 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5CPMVX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3415
date
Mon, 30 Sep 2019 06:25:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 30 Sep 2019 08:25:58 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
rR8HQPq9ueHop2UWK+IfW3ykuFSJKY0+SsApgYMqJ+lvnwllBbPsEseTiDlFqINUUEok+6sPyQoNpA1R+Q/GdQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Mon, 30 Sep 2019 07:22:53 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=992636276&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1140%26clickid%3Ddcik19j10pij8fnp1nnk1g44%26pub%3D3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s1%3D8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s2%3Dw60ft7d4bo7pbfnphkhur1ke&dr=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl%26ts%3D1569828172645%26hash%3DQHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8%26rm%3DDJ&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1857586379&gjid=1931393868&cid=953427862.1569828173&tid=UA-112527136-1&_gid=966014130.1569828173&_r=1&gtm=2wg9i1W5CPMVX&z=1239632438
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Sep 2019 07:22:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=596950890744347&ev=PageView&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1140%26clickid%3Ddcik19j10pij8fnp1nnk1g44%26pub%3D3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s1%3D8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s2%3Dw60ft7d4bo7pbfnphkhur1ke&rl=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl%26ts%3D1569828172645%26hash%3DQHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8%26rm%3DDJ&if=false&ts=1569828173432&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569828173431.647946614&it=1569828173379&coo=false&rqm=GET
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 30 Sep 2019 07:22:53 GMT
checkByIp
srv.ibraincollege.com/rest/iq/
109 B
234 B
XHR
General
Full URL
https://srv.ibraincollege.com/rest/iq/checkByIp
Requested by
Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/preAppLoading.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
13.175.244.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
0e5f899215a5cfa75ae13c632036a4e79ecf11c5e07a99dd01d6d63b39dcada5

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 30 Sep 2019 07:22:53 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
status
200
vary
Origin,Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.iqplaywin.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
script.js
www.iqplaywin.com/LP/1140/
127 B
319 B
XHR
General
Full URL
https://www.iqplaywin.com/LP/1140/script.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
server
UploadServer
x-guploader-uploadid
AEnB2UpQbJQ8Jzywi__aN1f0ro3QX9S4Zs9Vy4PCjfm4Mx1ShEf497jL2rn_8E2jbNBALc7NznUDI1w7A8NTF9KbbsG0ObGbKQ
content-type
application/xml; charset=UTF-8
status
404
cache-control
private, max-age=0
alt-svc
clear
content-length
127
expires
Mon, 30 Sep 2019 07:22:54 GMT
0
bat.bing.com/action/
0
173 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26024093&Ver=2&mid=cc9ad23b-1d61-504b-b6aa-d248281497c1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1140%26clickid%3Ddcik19j10pij8fnp1nnk1g44%26pub%3D3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s1%3D8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s2%3Dw60ft7d4bo7pbfnphkhur1ke&r=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl%26ts%3D1569828172645%26hash%3DQHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8%26rm%3DDJ&lt=1476&evt=pageLoad&msclkid=N&rn=830149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 30 Sep 2019 07:22:53 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: ACBB3AA3251F4542A8323C6D550D8F20 Ref B: VIEEDGE1207 Ref C: 2019-09-30T07:22:54Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
translate_DE.js
www.iqplaywin.com/LP/1140/translate/
2 KB
3 KB
XHR
General
Full URL
https://www.iqplaywin.com/LP/1140/translate/translate_DE.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4c3b6f994e1b11a0a83acf9d9e28c8b81596970cf677cc14b4d07e41fa8cfbb4

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2Up7c2M3y9mWU8wjtLBOkVMMII17bnfxgvSXK4Kj8ZLEsMDvOjPt6lhu5cY3RwkWg5xxev7p93LG2QW-mDL3z9_emTrcqg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
2549
last-modified
Tue, 10 Sep 2019 14:11:11 GMT
server
UploadServer
etag
"3bf1896d94416b115bf3d58e0b6bd4ff"
x-goog-hash
crc32c=83wm3w==, md5=O/GJbZRBaxFb89WOC2vU/w==
x-goog-generation
1568124671418419
cache-control
private, max-age=0
x-goog-stored-content-length
2549
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 30 Sep 2019 07:22:54 GMT
translate_EN.js
www.iqplaywin.com/LP/1140/translate/
2 KB
3 KB
XHR
General
Full URL
https://www.iqplaywin.com/LP/1140/translate/translate_EN.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
352a618ca114c43142c38574d997f7478c6eeb6dc04095bdb96bafd84ca07641

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UoGYlMq-KTr3m9gAlHikxOwzbtjyEz0u1E5n6VKQOQuuIa7I80tCbYVviyBtttakduZea899o2_5KlkGk52KnAm3d096w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
2515
last-modified
Tue, 10 Sep 2019 14:11:12 GMT
server
UploadServer
etag
"700a0d5c7afb0843602cee23262c9105"
x-goog-hash
crc32c=qYOjaw==, md5=cAoNXHr7CENgLO4jJiyRBQ==
x-goog-generation
1568124672980117
cache-control
private, max-age=0
x-goog-stored-content-length
2515
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 30 Sep 2019 07:22:54 GMT
userTracking
srv.ibraincollege.com/rest/activity/
0
208 B
XHR
General
Full URL
https://srv.ibraincollege.com/rest/activity/userTracking
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
13.175.244.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
200
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.iqplaywin.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
style.css
www.iqplaywin.com/LP/1140/
11 KB
11 KB
Stylesheet
General
Full URL
https://www.iqplaywin.com/LP/1140/style.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
541ea66a2eca67ac87f2eec457ef4070bce21668b77e51e2c5b88a7e8dc7188b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UonHII9srJ6A0i4XQ9GJFuj2S4bO01kYRA0QN8uMQ7PGG015tE-zAUGKsgZ26VMDXQGhb8QjGt0t8I4wA7bxtrhTlyzGQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
11276
last-modified
Tue, 10 Sep 2019 14:11:07 GMT
server
UploadServer
etag
"518537e7c18227d0931ce0baf7921a96"
x-goog-hash
crc32c=nzN01g==, md5=UYU358GCJ9CTHOC695Ialg==
x-goog-generation
1568124667396395
cache-control
private, max-age=0
x-goog-stored-content-length
11276
accept-ranges
bytes
content-type
text/css
expires
Mon, 30 Sep 2019 07:22:54 GMT
content.html
www.iqplaywin.com/LP/1140/
13 KB
14 KB
XHR
General
Full URL
https://www.iqplaywin.com/LP/1140/content.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e7f9e67eef5a15aa3ab738b44a493cd7dbe4f3a472e703b00c38262cc25c1d50

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UoYrw6NbbaoVwSwPAUolZObDB_KM8LKngUrc4P22EW2unh4rzmlw1wIrWucaJvTe5f9LoRLhbY8iHu3HNSYFySRaBxu7w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
13693
last-modified
Tue, 10 Sep 2019 14:10:59 GMT
server
UploadServer
etag
"a301d4b78f2395de7a5a8deff3d13d5a"
x-goog-hash
crc32c=bK4ufg==, md5=owHUt48jld56Wo3v89E9Wg==
x-goog-generation
1568124659540055
cache-control
private, max-age=0
x-goog-stored-content-length
13693
accept-ranges
bytes
content-type
text/html
expires
Mon, 30 Sep 2019 07:22:54 GMT
createAccountDialog.html
www.iqplaywin.com/LP/1140/
127 B
290 B
XHR
General
Full URL
https://www.iqplaywin.com/LP/1140/createAccountDialog.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
server
UploadServer
x-guploader-uploadid
AEnB2UrD6BWhg14ruXyGTe6oEC4RAF43oPktjFj30i9JZr7kkc0SinjnUtFrZUzT_Cz51q4VCLsYIwxaT0mTGQUWf_Ma8DE8zQ
content-type
application/xml; charset=UTF-8
status
404
cache-control
private, max-age=0
alt-svc
clear
content-length
127
expires
Mon, 30 Sep 2019 07:22:54 GMT
spin.svg
www.iqplaywin.com/images/LandingPage/
3 KB
3 KB
Image
General
Full URL
https://www.iqplaywin.com/images/LandingPage/spin.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f11bace1badb78fbeebd39009b6d77dbcc1e99df014e6f0a91d0407b10cd7a1f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/minified/css/css-all-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UqAnorlGthQ8kG6KrcdQvWDynqsIepwhMm3nNkhyqn7TYn-HGZYuZ0yjD373YE6_v2gbvYx6GHoavkRAGs9nGb3aAbhtw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
3078
last-modified
Tue, 10 Sep 2019 14:07:28 GMT
server
UploadServer
etag
"660af47f3c331aca339f6ff4cfaf5289"
x-goog-hash
crc32c=7qiuFw==, md5=Zgr0fzwzGsozn2/0z69SiQ==
x-goog-generation
1568124448027465
cache-control
private, max-age=0
x-goog-stored-content-length
3078
accept-ranges
bytes
content-type
image/svg+xml
expires
Mon, 30 Sep 2019 07:22:54 GMT
general.css
www.iqplaywin.com/
5 KB
5 KB
Stylesheet
General
Full URL
https://www.iqplaywin.com/general.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5966c18f7e39498820e9a0cd9bd9fe389a5cd03156dbd2e5da64f9d05299f856

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UpOk2syAanQMpgBNuSZronLeRFbgfTeFYhEuvW2mL3Xway8PwxbmUrXWFg2YiNI_ja9Var-GHoacqX5wT147__dAFeniA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
4976
last-modified
Tue, 10 Sep 2019 14:20:59 GMT
server
UploadServer
etag
"d562d198e5a760eebf6c183cd4e5c24a"
x-goog-hash
crc32c=YlxKTg==, md5=1WLRmOWnYO6/bBg81OXCSg==
x-goog-generation
1568125259280114
cache-control
private, max-age=0
x-goog-stored-content-length
4976
accept-ranges
bytes
content-type
text/css
expires
Mon, 30 Sep 2019 07:22:54 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/
59 KB
60 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v48/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/icon?family=Material+Icons
Origin
https://www.iqplaywin.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Sep 2019 11:03:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:50:48 GMT
server
sffe
age
1282759
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60840
x-xss-protection
0
expires
Mon, 14 Sep 2020 11:03:35 GMT
amazing-logo.svg
www.iqplaywin.com/images/
5 KB
5 KB
Image
General
Full URL
https://www.iqplaywin.com/images/amazing-logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9b76d15a39f5dc658e1988ad1416b2b443be66d1c0f33f9eeedc1d2662a56b7f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UoHi0lAQRgx119Ulki8EUgpMMOOliqKm8FhdyKFoPYTuZFFH7V4tjS37pLnhK0zU8BYqCNw76YvLB-ZbmWfHU4DgkNDpw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
5054
last-modified
Tue, 10 Sep 2019 14:07:25 GMT
server
UploadServer
etag
"f8de608b6c80f2667b0b2eb1a9790dfd"
x-goog-hash
crc32c=y2zgrA==, md5=+N5gi2yA8mZ7Cy6xqXkN/Q==
x-goog-generation
1568124445310026
cache-control
private, max-age=0
x-goog-stored-content-length
5054
accept-ranges
bytes
content-type
image/svg+xml
expires
Mon, 30 Sep 2019 07:22:54 GMT
iPhone-Xs-gold.png
www.iqplaywin.com/LP/1140/images/
102 KB
102 KB
Image
General
Full URL
https://www.iqplaywin.com/LP/1140/images/iPhone-Xs-gold.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
08b6f6fca2d0d82e613ec0f21bfa91f67bfd0fedb64afc3a10392ab71ea815fc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UoB1qc0J21YYyV-fkjvzKn6Da2BuBbdZA0ZuyOHzbNFbvN_jUO-nc80-bjibqXh3FAXPelHkXt0XFiJA2dy-afWQS8M5w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
103982
last-modified
Tue, 10 Sep 2019 14:11:02 GMT
server
UploadServer
etag
"6e219935f22637ac64fe05afbae132cf"
x-goog-hash
crc32c=uxlJhA==, md5=biGZNfImN6xk/gWvuuEyzw==
x-goog-generation
1568124662168671
cache-control
private, max-age=0
x-goog-stored-content-length
103982
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
iPhone-Xs-gold2.png
www.iqplaywin.com/LP/1140/images/
201 KB
202 KB
Image
General
Full URL
https://www.iqplaywin.com/LP/1140/images/iPhone-Xs-gold2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da0f38b88ace6f4bbee8058bdc41e071df27d41e8b89be38c2478da42044b55b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UrgECBJW7Nm0tTvjDai4zPlORkJnEzvApd0q9sMVEimYJQ_xRhK91xbcWAd4DGXcimC8CXuSbY7ORgq0xkFU6BdDHlFPQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
206055
last-modified
Tue, 10 Sep 2019 14:11:02 GMT
server
UploadServer
etag
"d99b67ac6476baf070358c51d4d9fd31"
x-goog-hash
crc32c=1FBR5A==, md5=2ZtnrGR2uvBwNYxR1Nn9MQ==
x-goog-generation
1568124662434839
cache-control
private, max-age=0
x-goog-stored-content-length
206055
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
iPhone-Xs-silver.png
www.iqplaywin.com/LP/1140/images/
103 KB
104 KB
Image
General
Full URL
https://www.iqplaywin.com/LP/1140/images/iPhone-Xs-silver.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e7ef032c1eca6b64f75900506848a5f4435fdd56c01742c653c9c2098fb4772

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UqjXwP992PhMw86tqAYrPrQWl3j48HvIWzKmPym-Lwa8MpbMFejMReVqzhxZQ1U5fsmxbWZLwpBYYQNMTNNSnGuGL8n7Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
105737
last-modified
Tue, 10 Sep 2019 14:11:02 GMT
server
UploadServer
etag
"a9f27d6d157be2426090b0eadaf3ce45"
x-goog-hash
crc32c=IRXJ/Q==, md5=qfJ9bRV74kJgkLDq2vPORQ==
x-goog-generation
1568124662891319
cache-control
private, max-age=0
x-goog-stored-content-length
105737
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
iPhone-Xs-silver2.png
www.iqplaywin.com/LP/1140/images/
194 KB
195 KB
Image
General
Full URL
https://www.iqplaywin.com/LP/1140/images/iPhone-Xs-silver2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
980364987b2387dc00bc319cb8077f90442911b076a9139092dcf93fd25ea014

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UqHo27wpbOgCdY6bNPFix0RYjBTN__BOa9DI6RgR1dZT-QzY_LvXe1MJsdQvOwzPxUHaMtobbAIODysJpGjQ8NuxxkigQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
198823
last-modified
Tue, 10 Sep 2019 14:11:05 GMT
server
UploadServer
etag
"b10d4f327ded99634cd84c862fef3b87"
x-goog-hash
crc32c=GYeQtg==, md5=sQ1PMn3tmWNM2EyGL+87hw==
x-goog-generation
1568124665252209
cache-control
private, max-age=0
x-goog-stored-content-length
198823
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
iPhone-Xs-spacegray.png
www.iqplaywin.com/LP/1140/images/
97 KB
98 KB
Image
General
Full URL
https://www.iqplaywin.com/LP/1140/images/iPhone-Xs-spacegray.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
56658067064298a3ba18b11f3018416125440de4c6dc11f0dd1cfb3829343232

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UpvJZOI14l79XZrfdkbV-KKmh1K14cqElcMA514nCqlya1eu99jHPxGBdc1t48JVeyhDuY7heHIRMd-L9Lk4v-uqxR5Mw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
99486
last-modified
Tue, 10 Sep 2019 14:11:04 GMT
server
UploadServer
etag
"316ee59dbf600b3b937a719775c0b9a7"
x-goog-hash
crc32c=WKz5rg==, md5=MW7lnb9gCzuTenGXdcC5pw==
x-goog-generation
1568124664862629
cache-control
private, max-age=0
x-goog-stored-content-length
99486
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
iPhone-Xs-spacegray2.png
www.iqplaywin.com/LP/1140/images/
170 KB
171 KB
Image
General
Full URL
https://www.iqplaywin.com/LP/1140/images/iPhone-Xs-spacegray2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
abfaa53c8beac9f49b47e5e68b2b317225b14e8afaa4724212e11deb7cace3d2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UoQkcriKQEJfRj0OAlGIgYkKJA4qBbRN1ezgbO_uilP1XBVdnqsveWcfb0BW91Vi0P8FleWPgXIdvgnSnLXOgVwfiqeEg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
174174
last-modified
Tue, 10 Sep 2019 14:11:05 GMT
server
UploadServer
etag
"a5562c4bca1bdac7052f35c754962174"
x-goog-hash
crc32c=DTytNw==, md5=pVYsS8ob2scFLzXHVJYhdA==
x-goog-generation
1568124665863437
cache-control
private, max-age=0
x-goog-stored-content-length
174174
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
ssl.png
www.iqplaywin.com/images/
13 KB
13 KB
Image
General
Full URL
https://www.iqplaywin.com/images/ssl.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
206.205.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
907d1e73a8abda6fdcd260c063e4214baa7680c51a6e66c0d6ce6863729e997b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
x-guploader-uploadid
AEnB2UqCqM6IYjD0FqF5XsSAEvjr6Dfb5zcR0t37I_kXI4k187E6hwIWarUXqlqlLSoNiFnNZT-PXP1bNEYTZ-8xDQ_e1FLKrg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
13284
last-modified
Tue, 10 Sep 2019 14:07:29 GMT
server
UploadServer
etag
"5dbad574b841d7a0d9b6677440163c68"
x-goog-hash
crc32c=FAQz+g==, md5=XbrVdLhB16DZtmd0QBY8aA==
x-goog-generation
1568124449391829
cache-control
private, max-age=0
x-goog-stored-content-length
13284
accept-ranges
bytes
content-type
image/png
expires
Mon, 30 Sep 2019 07:22:54 GMT
css
fonts.googleapis.com/
10 KB
778 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6981accfc8a142caf038c3a2efa93bba0bd555302b92011834c1dcd9ad03a228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Sep 2019 07:22:54 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 30 Sep 2019 07:22:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 30 Sep 2019 07:22:54 GMT
/
www.facebook.com/tr/
44 B
249 B
Image
General
Full URL
https://www.facebook.com/tr/?id=596950890744347&ev=Microdata&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4236%26theme%3D1140%26clickid%3Ddcik19j10pij8fnp1nnk1g44%26pub%3D3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s1%3D8833ab3e-9351-4f0b-a3c8-e460beb462c8%26s2%3Dw60ft7d4bo7pbfnphkhur1ke&rl=https%3A%2F%2Fcitines-boutlet.com%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93d3cuMjR0Ny5tZS9sbi8wdEprOEVENDIzNj9jbGlja2lkPWRjaWsxOWoxMHBpajhmbnAxbm5rMWc0NCZwdWI9M2M5Y2ZjOGItN2E0Mi00ZDg0LWJmNjItNjJmZWQ1MjM4Mjg3Xzg4MzNhYjNlLTkzNTEtNGYwYi1hM2M4LWU0NjBiZWI0NjJjOCZzMT04ODMzYWIzZS05MzUxLTRmMGItYTNjOC1lNDYwYmViNDYyYzgmczI9dzYwZnQ3ZDRibzdwYmZucGhraHVyMWtl%26ts%3D1569828172645%26hash%3DQHfEYanDmE5lNW1uB-q_s5m_sPoU2MwGT2gwGSU9AL8%26rm%3DDJ&if=false&ts=1569828174940&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iqplaywin.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569828174939.2120872890&it=1569828173379&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.iqplaywin.com/welcome.html?aff=4236&theme=1140&clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 07:22:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 30 Sep 2019 07:22:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.24t7.me
URL
https://www.24t7.me/ln/0tJk8ED4236?clickid=dcik19j10pij8fnp1nnk1g44&pub=3c9cfc8b-7a42-4d84-bf62-62fed5238287_8833ab3e-9351-4f0b-a3c8-e460beb462c8&s1=8833ab3e-9351-4f0b-a3c8-e460beb462c8&s2=w60ft7d4bo7pbfnphkhur1ke

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| dataLayer
function| fbq
function| _fbq
object| uetq
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| UET
object| _env
function| parseURLParams
function| redirectIfNeeded
function| resetCheckByIpObjectsAndCreateGlobalParamsObject
function| handleCheckByIpResult
object| globalParams
object| checkByIpResult
object| checkByIpRequest
object| preLoadingUrlParams
function| checkByIp
number| j
function| $
function| jQuery
function| Fingerprint2
object| angular
object| iqTestLP
undefined| countryNumber
boolean| confirmOnExit
string| url
object| currParams
string| currTheme
undefined| currTrans
object| s
object| now
number| year
number| mm
number| dd
number| weekday
number| hour
number| min
number| sec
object| month
object| day
function| monthToStr
function| dayToStr
function| setTime
number| timer
object| compareDate
function| timeBetweenDates

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
