blackflightfind.tw Open in urlscan Pro
178.128.241.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dwinaga.createprecession.com/
Effective URL:
https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker
Submission: On February 25 via api (February 25th 2021, 4:34:54 pm UTC) from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 32 HTTP transactions. The main IP is 178.128.241.54, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is blackflightfind.tw.
TLS certificate: Issued by R3 on February 18th 2021. Valid for: 3 months.

This is the only time blackflightfind.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	103.6.198.223 103.6.198.223	46015 (EXABYTES-...) (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd.)
1 1	95.181.172.55 95.181.172.55	50673 (SERVERIUS-AS) (SERVERIUS-AS)
22 44	51.195.108.239 51.195.108.239	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	178.128.241.54 178.128.241.54	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
32	5

2 103.6.198.223 (Malaysia)

ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY)
PTR: grison.mschosting.com

dwinaga.createprecession.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.172.55 (Meppel, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: smole.com

port.transandfiestas.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 51.195.108.239 (France) 22 redirects

ASN16276 (OVH, FR)
PTR: cloud.msk.network

main.travelfornamewalking.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
click.travelfornamewalking.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.241.54 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

blackflightfind.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	travelfornamewalking.ga main.travelfornamewalking.ga Failed click.travelfornamewalking.ga	14 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	createprecession.com dwinaga.createprecession.com	97 KB
1	blackflightfind.tw blackflightfind.tw	18 KB
1	transandfiestas.ga 1 redirects port.transandfiestas.ga	268 B
32	5

	Domain	Requested by
23	click.travelfornamewalking.ga	1 redirects dwinaga.createprecession.com port.transandfiestas.ga click.travelfornamewalking.ga
21	main.travelfornamewalking.ga	dwinaga.createprecession.com
3	fonts.googleapis.com	dwinaga.createprecession.com
2	dwinaga.createprecession.com	dwinaga.createprecession.com
1	blackflightfind.tw	click.travelfornamewalking.ga
1	port.transandfiestas.ga	1 redirects
32	6

This site contains no links.

Subject Issuer	Validity	Valid
dwinaga.createprecession.com cPanel, Inc. Certification Authority	`2021-01-14` - `2021-04-14`	3 months	crt.sh
click.travelfornamewalking.ga R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
blackflightfind.tw R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker
Frame ID: 857F09D5D64BBE5EAA36F42FF430B998
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://dwinaga.createprecession.com/ Page URL
https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192 Page URL
https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

32
Requests

88 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

125 kB
Transfer

161 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dwinaga.createprecession.com/ Page URL
https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192 Page URL
https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://port.transandfiestas.ga/stat.js?stat=update HTTP 301
https://main.travelfornamewalking.ga/stat.js?stat=update HTTP 301
https://click.travelfornamewalking.ga/stat.js?stat=update

Request Chain 4

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/css/js_composer_min_css&ver=6.4.1 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/css/js_composer_min_css&ver=6.4.1

Request Chain 5

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/css/dist/block-library/style_min_css&ver=5.5.3 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/css/dist/block-library/style_min_css&ver=5.5.3

Request Chain 6

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/uploads/hurrytimer/css/c175b9162540db04_css&ver=5.5.3 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/uploads/hurrytimer/css/c175b9162540db04_css&ver=5.5.3

Request Chain 7

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/style_css&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/style_css&ver=5.0.5

Request Chain 8

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/total-child-theme/style_css&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/total-child-theme/style_css&ver=5.0.5

Request Chain 9

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min_css&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min_css&ver=5.0.5

Request Chain 10

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-wpbakery_css&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-wpbakery_css&ver=5.0.5

Request Chain 11

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/css/ticons_min_css&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/css/ticons_min_css&ver=5.0.5

Request Chain 12

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/vcex-shortcodes_css&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/vcex-shortcodes_css&ver=5.0.5

Request Chain 13

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp

Request Chain 14

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/jquery_cookie_min_js&ver=1.4.0 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/jquery_cookie_min_js&ver=1.4.0

Request Chain 15

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/wp-convertkit_js&ver=1.9.3 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/wp-convertkit_js&ver=1.9.3

Request Chain 20

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/cookie_min_js&ver=3.14.1 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/cookie_min_js&ver=3.14.1

Request Chain 21

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/jquery_countdown_min_js&ver=2.2.0 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/jquery_countdown_min_js&ver=2.2.0

Request Chain 22

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/hurrytimer_js&ver=2.3.3 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/hurrytimer_js&ver=2.3.3

Request Chain 23

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/core/jquery_easing_min_js&ver=1.3.2 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/core/jquery_easing_min_js&ver=1.3.2

Request Chain 24

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/total_min_js&ver=5.0.5 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/total_min_js&ver=5.0.5

Request Chain 25

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-shortcodes_min_js&ver=1.2.4 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-shortcodes_min_js&ver=1.2.4

Request Chain 26

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/wp-embed_min_js&ver=5.5.3 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/wp-embed_min_js&ver=5.5.3

Request Chain 27

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/js/dist/js_composer_front_min_js&ver=6.4.1 HTTP 301
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/js/dist/js_composer_front_min_js&ver=6.4.1

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
dwinaga.createprecession.com/ 94 KB
95 KB 5300ms
4560ms Document
text/html 103.6.198.223
EXABYTES-AS-AP Ex...

General

Check archive.org

Show headers Download Go to

Full URL: https://dwinaga.createprecession.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.6.198.223 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS: grison.mschosting.com
Software: Apache /
Resource Hash: 21a09116e30c4c7e4a0546979f86dd76e48050917e8b22a5591cf4b4445e9b28

Request headers

:method: GET
:authority: dwinaga.createprecession.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:34:25 GMT
server: Apache
content-type: text/html;charset=utf-8

GET det.php
main.travelfornamewalking.ga/ 0
0

GET
H2 200 stat.js Show response
dwinaga.createprecession.com/https;//main.travelfornamewalking.ga/ 2 KB
2 KB 1116ms
1113ms Script
text/html 103.6.198.223
EXABYTES-AS-AP Ex...

General

Check archive.org

Show headers Download Go to

Full URL: https://dwinaga.createprecession.com/https;//main.travelfornamewalking.ga/stat.js?n=nb5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.6.198.223 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS: grison.mschosting.com
Software: Apache /
Resource Hash: fb4652898978d497c3585a4793b2fe6a58cfc4ced7177c16da1bda70c8296191

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:34:30 GMT
server: Apache
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

stat.js Show response
click.travelfornamewalking.ga/
Redirect Chain

https://port.transandfiestas.ga/stat.js?stat=update
https://main.travelfornamewalking.ga/stat.js?stat=update
https://click.travelfornamewalking.ga/stat.js?stat=update

169 B
373 B

84ms
31ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/stat.js?stat=update
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 20f308e7713be8fbf6b00d013a03317a69abc1a97ba2660ed335e3c445a643a5

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 169
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/stat.js?stat=update
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 265
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/css/js_composer_min_css&ver=6.4.1
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/css/js_composer_min_css&ver=6.4.1

4 B
206 B

110ms
38ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/css/js_composer_min_css&ver=6.4.1
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/css/js_composer_min_css&ver=6.4.1
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 356
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/css/dist/block-library/style_min_css&ver=5.5.3
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/css/dist/block-library/style_min_css&ver=5.5.3

4 B
206 B

118ms
38ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/css/dist/block-library/style_min_css&ver=5.5.3
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/css/dist/block-library/style_min_css&ver=5.5.3
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/uploads/hurrytimer/css/c175b9162540db04_css&ver=5.5.3
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/uploads/hurrytimer/css/c175b9162540db04_css&ver=5.5.3

4 B
206 B

110ms
34ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/uploads/hurrytimer/css/c175b9162540db04_css&ver=5.5.3
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/uploads/hurrytimer/css/c175b9162540db04_css&ver=5.5.3
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/style_css&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/style_css&ver=5.0.5

4 B
206 B

108ms
32ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/style_css&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/style_css&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/total-child-theme/style_css&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/total-child-theme/style_css&ver=5.0.5

4 B
206 B

111ms
32ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/total-child-theme/style_css&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/total-child-theme/style_css&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min_css&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min_css&ver=5.0.5

4 B
206 B

110ms
32ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min_css&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min_css&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 365
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-wpbakery_css&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-wpbakery_css&ver=5.0.5

4 B
206 B

111ms
31ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-wpbakery_css&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/wpex-wpbakery_css&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 347
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/css/ticons_min_css&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/css/ticons_min_css&ver=5.0.5

4 B
206 B

114ms
34ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/css/ticons_min_css&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/css/ticons_min_css&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 355
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/vcex-shortcodes_css&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/vcex-shortcodes_css&ver=5.0.5

4 B
206 B

115ms
32ms

Stylesheet
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/vcex-shortcodes_css&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 4
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/css/vcex-shortcodes_css&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp

170 B
374 B

106ms
31ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 46c268b56d9d8dd5ec98ac7e9e6a01c2bc2985c39a6de446d35dc09dcc4b21b1

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/jquery_cookie_min_js&ver=1.4.0
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/jquery_cookie_min_js&ver=1.4.0

168 B
372 B

114ms
34ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/jquery_cookie_min_js&ver=1.4.0
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 2b12143aef01f5cd807b98504f727f67a6c99e28331c5fd200655fd9c5382728

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 168
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/jquery_cookie_min_js&ver=1.4.0
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/wp-convertkit_js&ver=1.9.3
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/wp-convertkit_js&ver=1.9.3

170 B
374 B

113ms
34ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/wp-convertkit_js&ver=1.9.3
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 369182f8d26daed0129b624f0ea9ad6a855a35d53400c249e04d4d2d2a660270

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/convertkit/resources/frontend/wp-convertkit_js&ver=1.9.3
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 360
Content-Type: text/html; charset=iso-8859-1

GET stat.js
dwinaga.createprecession.com/https;//main.travelfornamewalking.ga/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
738 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap&subset=latin

Requested by

Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

960593b414639f9d296e278caba851fff6e137f6c05812c2882f8989a85e4442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 16:34:30 GMT
server: ESF
date: Thu, 25 Feb 2021 16:34:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 16:34:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
2 KB 35ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap&subset=latin

Requested by

Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38a09e595d89517c541be8b29f37f88a4db324c46509fde3694899add9c7ee67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 16:17:56 GMT
server: ESF
date: Thu, 25 Feb 2021 16:34:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 16:34:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
660 B 42ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700&ver=6.4.1

Requested by

Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 15:51:49 GMT
server: ESF
date: Thu, 25 Feb 2021 16:34:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 16:34:30 GMT

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/cookie_min_js&ver=3.14.1
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/cookie_min_js&ver=3.14.1

169 B
373 B

31ms
31ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/cookie_min_js&ver=3.14.1
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 08ab13a10425f1b87c758fef078b6e7d29df79573b52124e2690c7e50491faf2

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 169
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/cookie_min_js&ver=3.14.1
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/jquery_countdown_min_js&ver=2.2.0
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/jquery_countdown_min_js&ver=2.2.0

170 B
374 B

32ms
32ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/jquery_countdown_min_js&ver=2.2.0
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: fc1a46b22d28641ed5bdd56d9b2a7f0c3476f7204f6f7ad143c53717dc6da5dd

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/jquery_countdown_min_js&ver=2.2.0
Date: Thu, 25 Feb 2021 16:34:30 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 358
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/hurrytimer_js&ver=2.3.3
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/hurrytimer_js&ver=2.3.3

170 B
374 B

32ms
32ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/hurrytimer_js&ver=2.3.3
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 6fac8e56af9e820eb30d27c3fdd256b9630e54b74f6bc316718ce50a81abb736

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/hurrytimer/assets/js/hurrytimer_js&ver=2.3.3
Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 348
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/core/jquery_easing_min_js&ver=1.3.2
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/core/jquery_easing_min_js&ver=1.3.2

170 B
374 B

42ms
41ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/core/jquery_easing_min_js&ver=1.3.2
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 6a4d30d6a21a5a71a0fd5b37087ad8154ea407ee41764566a74ffe19173fb004

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/core/jquery_easing_min_js&ver=1.3.2
Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 354
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/total_min_js&ver=5.0.5
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/total_min_js&ver=5.0.5

170 B
374 B

42ms
42ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/total_min_js&ver=5.0.5
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: a6fb3e9755bc5c745368dd234537541db611cbf860de62e51c76a8a3b2e153cd

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/js/total_min_js&ver=5.0.5
Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 341
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-shortcodes_min_js&ver=1.2.4
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-shortcodes_min_js&ver=1.2.4

170 B
374 B

43ms
42ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-shortcodes_min_js&ver=1.2.4
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: a418278c77f0b031041c48d19b7d473a9e604581287a5033fc1bc9c790aac5f5

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-shortcodes_min_js&ver=1.2.4
Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 376
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/wp-embed_min_js&ver=5.5.3
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/wp-embed_min_js&ver=5.5.3

170 B
374 B

31ms
31ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/wp-embed_min_js&ver=5.5.3
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 97c09b5aa637992573b44a29518f1b39bcffbbe59ef90e9cb0472787182926fa

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 170
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-includes/js/wp-embed_min_js&ver=5.5.3
Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

det.php Show response
click.travelfornamewalking.ga/
Redirect Chain

https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/js/dist/js_composer_front_min_js&ver=6.4.1
https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/js/dist/js_composer_front_min_js&ver=6.4.1

169 B
373 B

31ms
31ms

Script
application/javascript

51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/js/dist/js_composer_front_min_js&ver=6.4.1
Requested by: Host: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: f9892d090e66250150a7d36e842dfc414ed56372ac4f5295b7cedc11146756ee

Request headers

Referer: https://dwinaga.createprecession.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 169
Keep-Alive: timeout=60
Content-Type: application/javascript

Redirect headers

Location: https://click.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/plugins/js_composer/assets/js/dist/js_composer_front_min_js&ver=6.4.1
Date: Thu, 25 Feb 2021 16:34:31 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 365
Content-Type: text/html; charset=iso-8859-1

GET zet.php
click.travelfornamewalking.ga/ 0
0

GET
H/1.1 200
OK zet.php Show response
click.travelfornamewalking.ga/ 470 B
676 B 32ms
31ms Document
text/html 51.195.108.239
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192
Requested by: Host: port.transandfiestas.ga
URL: https://port.transandfiestas.ga/stat.js?stat=update
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS: cloud.msk.network
Software: nginx / PHP/5.4.16
Resource Hash: 9ffada0249a2361453e1b9bfa9b3cae69f59c558dde1cce9952dfe79bc2fa27d

Request headers

Host: click.travelfornamewalking.ga
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://dwinaga.createprecession.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dwinaga.createprecession.com/

Response headers

Server: nginx
Date: Thu, 25 Feb 2021 16:34:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 470
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.4.16

GET ner.php
click.travelfornamewalking.ga/ 0
0

GET
H2

200

Primary Request / Show response
blackflightfind.tw/
Redirect Chain

https://click.travelfornamewalking.ga/ner.php?v=325&id=524567
https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker

18 KB
18 KB

93ms
34ms

Document
text/html

178.128.241.54
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker

Requested by

Host: click.travelfornamewalking.ga
URL: https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.128.241.54 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6036b603cdd705c6efd4a7fda4321f1ed7c2087487deb99dd56ab16401783f4b

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: blackflightfind.tw
:scheme: https
:path: /?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192

Response headers

server: nginx
date: Thu, 25 Feb 2021 16:34:31 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ffcde11c-1ae3-4062-aa05-28e16463e9d0; expires=Sat, 27-Mar-2021 16:34:31 GMT; Max-Age=2592000; path=/; domain=blackflightfind.tw
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

Redirect headers

Server: nginx
Date: Thu, 25 Feb 2021 16:34:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.4.16
Location: https://blackflightfind.tw/?p=hbtgenlggu5gi3bpgu2tqmi&sub1=brondier&sub2=stempicker

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: main.travelfornamewalking.ga
URL: https://main.travelfornamewalking.ga/det.php?id=k55546-3477-2346-2&/wp-content/themes/Total/assets/lib/ticons/fonts/ticons-webfont.woff2

Domain: dwinaga.createprecession.com
URL: https://dwinaga.createprecession.com/https;//main.travelfornamewalking.ga/stat.js?n=ns1

Domain: click.travelfornamewalking.ga
URL: https://click.travelfornamewalking.ga/zet.php?id=4442600&sid=5724745&uid=952192

Domain: click.travelfornamewalking.ga
URL: https://click.travelfornamewalking.ga/ner.php?v=325&id=524567

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.blackflightfind.tw/	1970-01-19 17:07:42	Name: uuid Value: ffcde11c-1ae3-4062-aa05-28e16463e9d0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blackflightfind.tw
click.travelfornamewalking.ga
dwinaga.createprecession.com
fonts.googleapis.com
main.travelfornamewalking.ga
port.transandfiestas.ga
click.travelfornamewalking.ga
dwinaga.createprecession.com
main.travelfornamewalking.ga
103.6.198.223
178.128.241.54
2a00:1450:4001:812::200a
51.195.108.239
95.181.172.55
08ab13a10425f1b87c758fef078b6e7d29df79573b52124e2690c7e50491faf2
20f308e7713be8fbf6b00d013a03317a69abc1a97ba2660ed335e3c445a643a5
21a09116e30c4c7e4a0546979f86dd76e48050917e8b22a5591cf4b4445e9b28
2b12143aef01f5cd807b98504f727f67a6c99e28331c5fd200655fd9c5382728
369182f8d26daed0129b624f0ea9ad6a855a35d53400c249e04d4d2d2a660270
38a09e595d89517c541be8b29f37f88a4db324c46509fde3694899add9c7ee67
46c268b56d9d8dd5ec98ac7e9e6a01c2bc2985c39a6de446d35dc09dcc4b21b1
6036b603cdd705c6efd4a7fda4321f1ed7c2087487deb99dd56ab16401783f4b
6a4d30d6a21a5a71a0fd5b37087ad8154ea407ee41764566a74ffe19173fb004
6fac8e56af9e820eb30d27c3fdd256b9630e54b74f6bc316718ce50a81abb736
70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f
939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3
960593b414639f9d296e278caba851fff6e137f6c05812c2882f8989a85e4442
97c09b5aa637992573b44a29518f1b39bcffbbe59ef90e9cb0472787182926fa
9ffada0249a2361453e1b9bfa9b3cae69f59c558dde1cce9952dfe79bc2fa27d
a418278c77f0b031041c48d19b7d473a9e604581287a5033fc1bc9c790aac5f5
a6fb3e9755bc5c745368dd234537541db611cbf860de62e51c76a8a3b2e153cd
f9892d090e66250150a7d36e842dfc414ed56372ac4f5295b7cedc11146756ee
fb4652898978d497c3585a4793b2fe6a58cfc4ced7177c16da1bda70c8296191
fc1a46b22d28641ed5bdd56d9b2a7f0c3476f7204f6f7ad143c53717dc6da5dd

blackflightfind.tw Open in urlscan Pro 178.128.241.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

88 %HTTPS

20 %IPv6

5 Domains

6 Subdomains

5 IPs

4 Countries

125 kBTransfer

161 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

blackflightfind.tw Open in urlscan Pro
178.128.241.54 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

125 kB
Transfer

161 kB
Size

1
Cookies

32 HTTP transactions
0 data transactions