www.endorsewest.icu Open in urlscan Pro
2606:4700:30::681f:445e  Malicious Activity! Public Scan

Submitted URL: http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0...
Effective URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0q...
Submission: On August 14 via manual from EG

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 51 HTTP transactions. The main IP is 2606:4700:30::681f:445e, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.endorsewest.icu.
This is the only time www.endorsewest.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 54.84.97.236 14618 (AMAZON-AES)
44 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
51 6
Domain Requested by
44 www.endorsewest.icu www.endorsewest.icu
3 www.chickenegg.pro www.chickenegg.pro
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 www.google.de www.endorsewest.icu
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com www.endorsewest.icu
1 www.smarturl.it 1 redirects
0 ab82f7f1-df0b-48be-a123-c309aada60c9 Failed www.endorsewest.icu
51 9

This site contains links to these domains. Also see Links.

Domain
www.microroof.com
pull1.9qgfhvrivvhxnd1ud.netdna-cdn.com
www.ergo-log.com
www.ncbi.nlm.nih.gov
Subject Issuer Validity Valid

1970-01-01 -
1970-01-01
a few seconds crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months crt.sh
www.google.de
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Frame ID: 35EFCC5B37532A58FA939B115B952257
Requests: 49 HTTP requests in this frame

Frame: http://www.endorsewest.icu/click/work/ManPlus_files/blank.htm
Frame ID: C56A9CA0EB2CF309ABC055078EABD1AD
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJ... Page URL
  2. http://www.chickenegg.pro/offer.php?id=7&sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJ... Page URL
  3. http://www.smarturl.it/40ntrw?sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGX... HTTP 301
    http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

51
Requests

6 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

6
IPs

3
Countries

1748 kB
Transfer

2016 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs Page URL
  2. http://www.chickenegg.pro/offer.php?id=7&sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs Page URL
  3. http://www.smarturl.it/40ntrw?sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs HTTP 301
    http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1713078804&t=pageview&_s=1&dl=http%3A%2F%2Fwww.endorsewest.icu%2Fclick%2Fwork%2Fmanplus.php%3Fh%3D-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%252FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs%26sid%3D715514&dr=http%3A%2F%2Fwww.chickenegg.pro%2Foffer.php%3Fid%3D7%26sid%3D715514%26h%3D-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&ul=en-us&de=UTF-8&dt=American%20Health%3A%20Dr%20Recommended%20ED%20Permanent%20Solution%20for%20All%20Men&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1499214623&gjid=2107109253&cid=1389705386.1565771432&tid=UA-22484186-3&_gid=1046015833.1565771432&_r=1&gtm=2ou874&z=1645861788 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_gid=1046015833.1565771432&gjid=2107109253&_v=j78&z=1645861788 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_v=j78&z=1645861788 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_v=j78&z=1645861788&slf_rd=1&random=1305751828

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/
667 B
755 B
Document
General
Full URL
http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3c8c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
0fe075ab0ec69829dfd695d20304fecbfb3da10acc5b1322b87f21f43971dade

Request headers

Host
www.chickenegg.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df9da88b0511333ba148b1c1e9c7a15681565771430; expires=Thu, 13-Aug-20 08:30:30 GMT; path=/; domain=.chickenegg.pro; HttpOnly
X-Powered-By
PHP/5.3.3
Server
cloudflare
CF-RAY
5061913149d0c2e5-FRA
Content-Encoding
gzip
jquery-1.11.0.min.js
www.chickenegg.pro/
94 KB
33 KB
Script
General
Full URL
http://www.chickenegg.pro/jquery-1.11.0.min.js
Requested by
Host: www.chickenegg.pro
URL: http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::6812:3c8c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer
http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:30 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 15 Jun 2016 01:14:34 GMT
Server
cloudflare
Age
3457
ETag
W/"5760abfa-1787d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
50619131fbdec2e5-FRA
Expires
Wed, 14 Aug 2019 12:30:30 GMT
offer.php
www.chickenegg.pro/
397 B
559 B
Document
General
Full URL
http://www.chickenegg.pro/offer.php?id=7&sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
Requested by
Host: www.chickenegg.pro
URL: http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3c8c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
83651e0c8436a5e8060fb5a2464a4822980345e5a98a6f1d3658b80356df54b6

Request headers

Host
www.chickenegg.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
Accept-Encoding
gzip, deflate
Cookie
__cfduid=df9da88b0511333ba148b1c1e9c7a15681565771430
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.chickenegg.pro/Izzvlr/qjbhxlrr33457mzxuumn/-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs

Response headers

Date
Wed, 14 Aug 2019 08:30:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Server
cloudflare
CF-RAY
506191322c60c2e5-FRA
Content-Encoding
gzip
Primary Request Cookie set manplus.php
www.endorsewest.icu/click/work/
Redirect Chain
  • http://www.smarturl.it/40ntrw?sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aS...
  • http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO...
42 KB
10 KB
Document
General
Full URL
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
60f0c69a672d361ad751001a0140123add7ad129891e405801cbada2d98c07b0

Request headers

Host
www.endorsewest.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.chickenegg.pro/offer.php?id=7&sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.chickenegg.pro/offer.php?id=7&sid=715514&h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU/K-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d18df17e2d37f57855268e7cf2c7282ed1565771431; expires=Thu, 13-Aug-20 08:30:31 GMT; path=/; domain=.endorsewest.icu; HttpOnly
X-Powered-By
PHP/5.3.3
Server
cloudflare
CF-RAY
506191346b176443-FRA
Content-Encoding
gzip

Redirect headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=3fbSGGwO5umDXyYfhO3etaikE98wgCV4xll+1+YK6DRpPPz/7mImjMtouWOnYKB8d7XMxUmNePQhNd2YjERgBbx1uYkO5sBhmhgYj5UiKttfQELLIUhTP1eit+6S; Expires=Wed, 21 Aug 2019 08:30:31 GMT; Path=/ requester_id=1161555686747086851;Path=/;Expires=Sat, 11-Aug-2029 08:30:31 GMT;Max-Age=315360000 last_click_40ntrw=1565771431038;Path=/;Expires=Fri, 16-Aug-2019 08:30:31 GMT;Max-Age=172800
Server
nginx/1.14.2
X-Application-Context
application:default,prod:2243
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
X-Node-Id
594
Location
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
X-Proxy-Cache
MISS
js
www.googletagmanager.com/gtag/
68 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
631cc24fcb2dbc606cf9c464352e41db90a94c3a98e3fb30bffc6407368e3ea8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 14 Aug 2019 08:30:31 GMT
content-encoding
br
last-modified
Wed, 14 Aug 2019 06:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26582
x-xss-protection
0
expires
Wed, 14 Aug 2019 08:30:31 GMT
jquery.download
www.endorsewest.icu/click/work/ManPlus_files/
82 KB
83 KB
Script
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/jquery.download
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
ETag
"5c0c6262-1499c"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191358875c2fe-FRA
Content-Length
84380
bootstrap.css
www.endorsewest.icu/click/work/ManPlus_files/
118 KB
20 KB
Stylesheet
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/bootstrap.css
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
W/"5c0c6262-1d970"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
506191356c8cd6e1-FRA
Expires
Wed, 14 Aug 2019 12:30:31 GMT
index.css
www.endorsewest.icu/click/work/ManPlus_files/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/index.css
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4607d341accd4b7042376ac16f216103493c914dde7e369f3943163172dd3f46

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
W/"5c0c6262-d5b"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
506191356d2fdfa9-FRA
Expires
Wed, 14 Aug 2019 12:30:31 GMT
headernews.png
www.endorsewest.icu/click/work/ManPlus_files/
16 KB
17 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/headernews.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0102b25453c2f5a59e20e5e2c2145d2744c41cbe752286c94126536483221580

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-4169"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191356f49e00f-FRA
Content-Length
16745
Expires
Wed, 14 Aug 2019 12:30:31 GMT
headernews-mob.png
www.endorsewest.icu/click/work/ManPlus_files/
8 KB
8 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/headernews-mob.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35348df5ccd1fbe1b6923b348063c337767c969ea9699a47c16cb03f2e9f7784

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-2016"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191358f8ce00f-FRA
Content-Length
8214
Expires
Wed, 14 Aug 2019 12:30:31 GMT
feature2.png
www.endorsewest.icu/click/work/ManPlus_files/
954 B
1 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/feature2.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6cad45acb175e8a861ca8111c576f2f0f66e112d0793f82f17c159a8f536462

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-3ba"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191365f91d6e1-FRA
Content-Length
954
Expires
Wed, 14 Aug 2019 12:30:31 GMT
newsarticlee1.jpg
www.endorsewest.icu/click/work/ManPlus_files/
9 KB
10 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/newsarticlee1.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5970b6c7aedad119a125e926e1a69b55a2830d38eb6462f564907528ae57760c

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-25d5"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191366ad8e00f-FRA
Content-Length
9685
Expires
Wed, 14 Aug 2019 12:30:31 GMT
show1.jpg
www.endorsewest.icu/click/work/ManPlus_files/
77 KB
77 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/show1.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de24740543bf6e647338fd09850ca9137791a694c27ecded96747a809ce33ae5

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-133b8"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191367fdfd6e1-FRA
Content-Length
78776
Expires
Wed, 14 Aug 2019 12:30:31 GMT
fruitanim.gif
www.endorsewest.icu/click/work/ManPlus_files/
1 MB
1 MB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/fruitanim.gif
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
556572b0d4839db5b25be5d434c812307286b9a28f521c3ad04c3387d16c8db7

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-11be2e"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191367b23e00f-FRA
Content-Length
1162798
Expires
Wed, 14 Aug 2019 12:30:31 GMT
family.jpg
www.endorsewest.icu/click/work/ManPlus_files/
41 KB
41 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/family.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bf04fc03a4c68bfceb9b7e782588f386a9d99d7080e2c091b787f2a4064ff77

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-a3d6"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191368812d6e1-FRA
Content-Length
41942
Expires
Wed, 14 Aug 2019 12:30:31 GMT
offer.jpg
www.endorsewest.icu/click/work/ManPlus_files/
5 KB
6 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/offer.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a53628606a833b84cd71d72ec86cde98aedd0bf96b39181ff0302fd85a1b83

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-1544"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191369841d6e1-FRA
Content-Length
5444
Expires
Wed, 14 Aug 2019 12:30:31 GMT
checkmark-green-sm.png
www.endorsewest.icu/click/work/ManPlus_files/
449 B
849 B
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/checkmark-green-sm.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6cd9e03c3ca638de45cc8d4206d55007f480e77f30a07ecdef77467ba55a81

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-1c1"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136a87dd6e1-FRA
Content-Length
449
Expires
Wed, 14 Aug 2019 12:30:31 GMT
12976.png
www.endorsewest.icu/click/work/ManPlus_files/
30 KB
30 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/12976.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a50e0687ed2de81603c2799382dd69d5559a88c129d0d939a98567fac557c6

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-77f6"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136b8b1d6e1-FRA
Content-Length
30710
Expires
Wed, 14 Aug 2019 12:30:31 GMT
button.png
www.endorsewest.icu/click/work/ManPlus_files/
3 KB
4 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/button.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f74eef90d57f44b5d28cae3023f1855692d4086152e834bae1fab53e350c76

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-d1e"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136bc0de00f-FRA
Content-Length
3358
Expires
Wed, 14 Aug 2019 12:30:31 GMT
oldcouples.jpg
www.endorsewest.icu/click/work/ManPlus_files/
68 KB
69 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/oldcouples.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ce67ba343711a89ab3bf5523c7aaf60ad49dc52b433114bc5540455bb09b48

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-11116"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136c90dd6e1-FRA
Content-Length
69910
Expires
Wed, 14 Aug 2019 12:30:31 GMT
breaking_news1.jpg
www.endorsewest.icu/click/work/ManPlus_files/
9 KB
10 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/breaking_news1.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0434873cceb252a1f7eb0f72a3e315d524a771f85134ec4a7ed914ca4375e19e

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-25c3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136cc4be00f-FRA
Content-Length
9667
Expires
Wed, 14 Aug 2019 12:30:31 GMT
social-counters-transparent.png
www.endorsewest.icu/click/work/ManPlus_files/
3 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/social-counters-transparent.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d317d0dc88645a8172c95f537ff9735fb176feeec5473d34e91fbd249e214c0c

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-b66"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136eca7e00f-FRA
Content-Length
2918
Expires
Wed, 14 Aug 2019 12:30:31 GMT
16.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/16.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
"5c0c6262-895"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136ecf3c2fe-FRA
Content-Length
2197
Expires
Wed, 14 Aug 2019 12:30:31 GMT
17.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/17.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
225e625140a6dc5b7ea7ea7cdb1790f9a5f97b88660c35a80744c4002cf97a64

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-6b9"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136edc36443-FRA
Content-Length
1721
Expires
Wed, 14 Aug 2019 12:30:31 GMT
18.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/18.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-8a0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136ea8edfa9-FRA
Content-Length
2208
Expires
Wed, 14 Aug 2019 12:30:31 GMT
19.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/19.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8967e92030ed0a00a387102752bf579de79417622c50475757e360990096e5c3

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-899"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136e872bed3-FRA
Content-Length
2201
Expires
Wed, 14 Aug 2019 12:30:31 GMT
20.jpg
www.endorsewest.icu/click/work/ManPlus_files/
1 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/20.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef632303bbe9319d81a3eba67c232f73377b49fbe412fed44a69fff918c702a

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-5da"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136e988d6e1-FRA
Content-Length
1498
Expires
Wed, 14 Aug 2019 12:30:31 GMT
21.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/21.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62a7b5ff4b5b98dd53c4fa08d66f2491b00e392716a92ab180e775931d6e0ba

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-9d0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136fce8e00f-FRA
Content-Length
2512
Expires
Wed, 14 Aug 2019 12:30:31 GMT
22.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/22.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-63d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136fac6dfa9-FRA
Content-Length
1597
Expires
Wed, 14 Aug 2019 12:30:31 GMT
24.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/24.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
883c2959ff08798d569125c363c9fdce1f90788941b8ad9bd4c8ee9b87db31c9

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-653"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136fdd16443-FRA
Content-Length
1619
Expires
Wed, 14 Aug 2019 12:30:31 GMT
25.jpg
www.endorsewest.icu/click/work/ManPlus_files/
1 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/25.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f993a417990bb43b478f89f57addd2faac7ce85505018279c61945265a1ca38

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-535"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
50619136f88abed3-FRA
Content-Length
1333
Expires
Wed, 14 Aug 2019 12:30:31 GMT
1.jpg
www.endorsewest.icu/click/work/ManPlus_files/
3 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/1.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-b11"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5061913709d2d6e1-FRA
Content-Length
2833
Expires
Wed, 14 Aug 2019 12:30:31 GMT
2.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/2.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c78bb71257b58cd8897f2d79533e404e9505d39273341be31f34449e79d8e55

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-735"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191370de66443-FRA
Content-Length
1845
Expires
Wed, 14 Aug 2019 12:30:31 GMT
3.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/3.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
382865cf929932d15c75700d49484eb5a72ecf1763a1a4277c32f097561ccf57

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-72a"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5061913718b4bed3-FRA
Content-Length
1834
Expires
Wed, 14 Aug 2019 12:30:31 GMT
4.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/4.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-7b9"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191370aefdfa9-FRA
Content-Length
1977
Expires
Wed, 14 Aug 2019 12:30:31 GMT
5.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/5.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac48a9234c6035014ed016f469755d3785cc6a4c90b1e28aaff6a3358c4643c

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-698"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191370d46e00f-FRA
Content-Length
1688
Expires
Wed, 14 Aug 2019 12:30:31 GMT
7.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/7.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
817446f3709dd74e2b2ef55beb788d98d3e3771a8a88fb33512b024f534e7940

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-794"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191370d7dc2fe-FRA
Content-Length
1940
Expires
Wed, 14 Aug 2019 12:30:31 GMT
8.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/8.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4637ac55abe3619506f8421ec0dd3f4b54cc75a3e15ad846073684b959c72021

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-758"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191371a0fd6e1-FRA
Content-Length
1880
Expires
Wed, 14 Aug 2019 12:30:31 GMT
9.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/9.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5512972462bfa18f08f71701155c1eaa0351239d29960fd24fa5a6aa71617af4

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-742"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191371dfb6443-FRA
Content-Length
1858
Expires
Wed, 14 Aug 2019 12:30:31 GMT
11.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
3 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/11.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7db83e577c12a4642d7218d11d314b31703d955906c1d132463288d9500c8f9

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-90e"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191371d8ce00f-FRA
Content-Length
2318
Expires
Wed, 14 Aug 2019 12:30:31 GMT
12.jpg
www.endorsewest.icu/click/work/ManPlus_files/
1 KB
1 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/12.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d628158a4b0e76e43c9fcda73ce13400abaf16a4e8c663cacb8b1a9fef43674

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-45c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191371b25dfa9-FRA
Content-Length
1116
Expires
Wed, 14 Aug 2019 12:30:31 GMT
14.jpg
www.endorsewest.icu/click/work/ManPlus_files/
2 KB
2 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/14.jpg
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c27937a2ab2635e914d950009c81901a24918f0d9030240c4935462a813bfe

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-608"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191373bb8dfa9-FRA
Content-Length
1544
Expires
Wed, 14 Aug 2019 12:30:31 GMT
bottombarscroll.download
www.endorsewest.icu/click/work/ManPlus_files/
11 KB
11 KB
Script
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/bottombarscroll.download
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea5f70b56e1812c972cfdb98636170a009c194fcef482606bf2b07346ed4b45

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
ETag
"5c0c6262-2bfc"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191359d04d6e1-FRA
Content-Length
11260
bounce.css
www.endorsewest.icu/click/work/ManPlus_files/
20 KB
2 KB
Stylesheet
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/bounce.css
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
847c0fcd8c4b798ae51544c59cb163b3353eca3fdd0b2a1b1c042a0d4a103c5b

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
W/"5c0c6262-5023"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
506191358c4b6443-FRA
Expires
Wed, 14 Aug 2019 12:30:31 GMT
bounce.download
www.endorsewest.icu/click/work/ManPlus_files/
4 KB
4 KB
Script
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/bounce.download
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71f26c0529f96f11bfb2a1a2b0612ea08035b44bae71f9212e7433e5d00f37d

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
ETag
"5c0c6262-fd9"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191359fd3e00f-FRA
Content-Length
4057
ed_generic.png
www.endorsewest.icu/click/work/ManPlus_files/
79 KB
79 KB
Image
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/ed_generic.png
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74616599366488ec44c6279dafda42dff73df1c11514d7b6495b14ac88a21f1e

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1688
ETag
"5c0c6262-13aa3"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
506191373dfde00f-FRA
Content-Length
80547
Expires
Wed, 14 Aug 2019 12:30:31 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
3241
date
Wed, 14 Aug 2019 07:36:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Wed, 14 Aug 2019 09:36:30 GMT
blank.htm
www.endorsewest.icu/click/work/ManPlus_files/ Frame C56A
1 KB
785 B
Document
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/blank.htm
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
HTTP/1.1
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68311647c8c9d1fdbe338d52034ff2f0e96857dd170ff312d9d08cef4ef4c3a0

Request headers

Host
www.endorsewest.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d18df17e2d37f57855268e7cf2c7282ed1565771431
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
CF-RAY
506191373e116443-FRA
Content-Encoding
gzip
home.png
ab82f7f1-df0b-48be-a123-c309aada60c9/data/icons/
0
0

ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=1713078804&t=pageview&_s=1&dl=http%3A%2F%2Fwww.endorsewest.icu%2Fclick%2Fwork%2Fmanplus.php%3Fh%3D-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_gid=1046015833.1565771432&gjid=2107109253&_v=j78&z=1645861788
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_v=j78&z=1645861788
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_v=j78&z=1645861788&slf_rd=1&random=1305751828
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_v=j78&z=1645861788&slf_rd=1&random=1305751828
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.endorsewest.icu/click/work/manplus.php?h=-qWDt3XfYnqDhjJlpqgIFv7rVH_xkyms2pIirNk9vVU%2FK-OJracdszGXxztdBkQndph0qmVNMPQrHilIy6XIL1ud1wqAccz5CH4zg3iiHe1SaTkwifdgpYLbAN6_pnmjAFuJU9s0_AgkZRO-EpyQO7J5aSUyG1VPRVexZwzUGKxs&sid=715514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2019 08:30:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Aug 2019 08:30:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=1389705386.1565771432&jid=1499214623&_v=j78&z=1645861788&slf_rd=1&random=1305751828
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inject.css
www.endorsewest.icu/click/work/ManPlus_files/blank_data/ Frame C56A
4 KB
1 KB
Stylesheet
General
Full URL
http://www.endorsewest.icu/click/work/ManPlus_files/blank_data/inject.css
Requested by
Host: www.endorsewest.icu
URL: http://www.endorsewest.icu/click/work/ManPlus_files/blank.htm
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681f:445e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

Referer
http://www.endorsewest.icu/click/work/ManPlus_files/blank.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 14 Aug 2019 08:30:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 09 Dec 2018 00:31:30 GMT
Server
cloudflare
Age
1689
ETag
W/"5c0c6262-f28"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
506191381ef26443-FRA
Expires
Wed, 14 Aug 2019 12:30:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ab82f7f1-df0b-48be-a123-c309aada60c9
URL
moz-extension://ab82f7f1-df0b-48be-a123-c309aada60c9/data/icons/home.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| dayNames object| monthNames object| now object| scrollMonitor function| countdown boolean| isSafari function| launchext function| ouibounce object| _ouibounce object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.endorsewest.icu/ Name: _gat_gtag_UA_22484186_3
Value: 1
.endorsewest.icu/ Name: _ga
Value: GA1.2.1389705386.1565771432
.endorsewest.icu/ Name: _gid
Value: GA1.2.1046015833.1565771432
.endorsewest.icu/ Name: __cfduid
Value: d18df17e2d37f57855268e7cf2c7282ed1565771431

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ab82f7f1-df0b-48be-a123-c309aada60c9
stats.g.doubleclick.net
www.chickenegg.pro
www.endorsewest.icu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.smarturl.it
ab82f7f1-df0b-48be-a123-c309aada60c9
2606:4700:30::6812:3c8c
2606:4700:30::681f:445e
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:815::2004
2a00:1450:4001:819::2003
2a00:1450:400c:c09::9b
54.84.97.236
0102b25453c2f5a59e20e5e2c2145d2744c41cbe752286c94126536483221580
0434873cceb252a1f7eb0f72a3e315d524a771f85134ec4a7ed914ca4375e19e
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b
0fe075ab0ec69829dfd695d20304fecbfb3da10acc5b1322b87f21f43971dade
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
225e625140a6dc5b7ea7ea7cdb1790f9a5f97b88660c35a80744c4002cf97a64
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
35348df5ccd1fbe1b6923b348063c337767c969ea9699a47c16cb03f2e9f7784
382865cf929932d15c75700d49484eb5a72ecf1763a1a4277c32f097561ccf57
3e6cd9e03c3ca638de45cc8d4206d55007f480e77f30a07ecdef77467ba55a81
4607d341accd4b7042376ac16f216103493c914dde7e369f3943163172dd3f46
4637ac55abe3619506f8421ec0dd3f4b54cc75a3e15ad846073684b959c72021
47ce67ba343711a89ab3bf5523c7aaf60ad49dc52b433114bc5540455bb09b48
5512972462bfa18f08f71701155c1eaa0351239d29960fd24fa5a6aa71617af4
556572b0d4839db5b25be5d434c812307286b9a28f521c3ad04c3387d16c8db7
5970b6c7aedad119a125e926e1a69b55a2830d38eb6462f564907528ae57760c
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
60f0c69a672d361ad751001a0140123add7ad129891e405801cbada2d98c07b0
631cc24fcb2dbc606cf9c464352e41db90a94c3a98e3fb30bffc6407368e3ea8
68311647c8c9d1fdbe338d52034ff2f0e96857dd170ff312d9d08cef4ef4c3a0
6f993a417990bb43b478f89f57addd2faac7ce85505018279c61945265a1ca38
74616599366488ec44c6279dafda42dff73df1c11514d7b6495b14ac88a21f1e
77f74eef90d57f44b5d28cae3023f1855692d4086152e834bae1fab53e350c76
7bf04fc03a4c68bfceb9b7e782588f386a9d99d7080e2c091b787f2a4064ff77
7d628158a4b0e76e43c9fcda73ce13400abaf16a4e8c663cacb8b1a9fef43674
817446f3709dd74e2b2ef55beb788d98d3e3771a8a88fb33512b024f534e7940
83651e0c8436a5e8060fb5a2464a4822980345e5a98a6f1d3658b80356df54b6
847c0fcd8c4b798ae51544c59cb163b3353eca3fdd0b2a1b1c042a0d4a103c5b
883c2959ff08798d569125c363c9fdce1f90788941b8ad9bd4c8ee9b87db31c9
88c27937a2ab2635e914d950009c81901a24918f0d9030240c4935462a813bfe
8967e92030ed0a00a387102752bf579de79417622c50475757e360990096e5c3
8c78bb71257b58cd8897f2d79533e404e9505d39273341be31f34449e79d8e55
a62a7b5ff4b5b98dd53c4fa08d66f2491b00e392716a92ab180e775931d6e0ba
a71f26c0529f96f11bfb2a1a2b0612ea08035b44bae71f9212e7433e5d00f37d
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b6cad45acb175e8a861ca8111c576f2f0f66e112d0793f82f17c159a8f536462
bac48a9234c6035014ed016f469755d3785cc6a4c90b1e28aaff6a3358c4643c
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
d2a53628606a833b84cd71d72ec86cde98aedd0bf96b39181ff0302fd85a1b83
d317d0dc88645a8172c95f537ff9735fb176feeec5473d34e91fbd249e214c0c
de24740543bf6e647338fd09850ca9137791a694c27ecded96747a809ce33ae5
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
e7db83e577c12a4642d7218d11d314b31703d955906c1d132463288d9500c8f9
eea5f70b56e1812c972cfdb98636170a009c194fcef482606bf2b07346ed4b45
eef632303bbe9319d81a3eba67c232f73377b49fbe412fed44a69fff918c702a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a50e0687ed2de81603c2799382dd69d5559a88c129d0d939a98567fac557c6
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c