wol1ckaim.com Open in urlscan Pro
2a03:b0c0:3:f0::8b:3000 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ehpidemiya-coronavirusa.ru/
Effective URL:
https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Submission: On June 01 via api (June 1st 2020, 4:23:43 pm UTC) from BE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 22 domains to perform 68 HTTP transactions. The main IP is 2a03:b0c0:3:f0::8b:3000, located in Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is wol1ckaim.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 17th 2020. Valid for: 3 months.

This is the only time wol1ckaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	213.136.83.75 213.136.83.75	51167 (CONTABO) (CONTABO)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	178.238.234.54 178.238.234.54	51167 (CONTABO) (CONTABO)
10	2a03:b0c0:3:f... 2a03:b0c0:3:f0::1b:6000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2 5	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:b0c0:2:f... 2a03:b0c0:2:f0::337:f001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a03:b0c0:2:f... 2a03:b0c0:2:f0::202:c001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
29	2a03:b0c0:3:f... 2a03:b0c0:3:f0::8b:3000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	95.163.118.168 95.163.118.168	12695 (DINET-AS) (DINET-AS)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	5.9.154.76 5.9.154.76	24940 (HETZNER-AS) (HETZNER-AS)
2	80.87.202.200 80.87.202.200	29182 (THEFIRST-AS) (THEFIRST-AS)
3	2a03:b0c0:3:e... 2a03:b0c0:3:e0::335:1	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	104.111.214.74 104.111.214.74	16625 (AKAMAI-AS) (AKAMAI-AS)
68	19

3 213.136.83.75 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi190509.contaboserver.net

ehpidemiya-coronavirusa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.238.234.54 (Munich, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi200089.contaboserver.net

onlineee.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:b0c0:3:f0::1b:6000 (Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

globalsmediazs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:2:f0::337:f001 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

w01ccaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:2:f0::202:c001 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

w01kkaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a03:b0c0:3:f0::8b:3000 (Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

wol1ckaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.118.168 (Russian Federation)

ASN12695 (DINET-AS, RU)
PTR: ulogin.ru

ulogin.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (Ascension Island)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.9.154.76 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.76.154.9.5.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.87.202.200 (Irkutsk, Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta21.ru

ulclick.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:b0c0:3:e0::335:1 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

1.join2game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.214.74 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	wol1ckaim.com wol1ckaim.com	982 KB
10	globalsmediazs.com globalsmediazs.com	608 KB
5	google-analytics.com 2 redirects www.google-analytics.com	63 KB
4	semantiqo.com sonar.semantiqo.com	22 KB
3	join2game.com 1.join2game.com	6 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	ehpidemiya-coronavirusa.ru ehpidemiya-coronavirusa.ru	27 KB
2	aliexpress.com 1 redirects s.click.aliexpress.com best.aliexpress.com	1 KB
2	ulclick.ru ulclick.ru	867 B
2	google.de www.google.de	212 B
2	google.com 2 redirects www.google.com	344 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	301 B
1	caltat.com cdn3.caltat.com	161 B
1	exoclick.com main.exoclick.com	419 B
1	sentry-cdn.com browser.sentry-cdn.com	16 KB
1	ulogin.ru ulogin.ru	19 KB
1	googleapis.com ajax.googleapis.com	29 KB
1	cloudflare.com cdnjs.cloudflare.com	15 KB
1	w01kkaim.com w01kkaim.com	171 B
1	w01ccaim.com w01ccaim.com	171 B
1	onlineee.info 1 redirects onlineee.info	847 B
1	jquery.com code.jquery.com	24 KB
68	22

	Domain	Requested by
29	wol1ckaim.com	globalsmediazs.com wol1ckaim.com ajax.googleapis.com
10	globalsmediazs.com	ehpidemiya-coronavirusa.ru globalsmediazs.com
5	www.google-analytics.com	2 redirects globalsmediazs.com wol1ckaim.com www.google-analytics.com
4	sonar.semantiqo.com	ulogin.ru sonar.semantiqo.com browser.sentry-cdn.com wol1ckaim.com
3	1.join2game.com	ajax.googleapis.com wol1ckaim.com 1.join2game.com
3	counter.yadro.ru	2 redirects
3	ehpidemiya-coronavirusa.ru	ehpidemiya-coronavirusa.ru
2	ulclick.ru	ulogin.ru ulclick.ru
2	www.google.de	globalsmediazs.com wol1ckaim.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
1	cdn3.caltat.com	sonar.semantiqo.com
1	best.aliexpress.com	ulclick.ru
1	s.click.aliexpress.com	1 redirects
1	main.exoclick.com	wol1ckaim.com
1	browser.sentry-cdn.com	ajax.googleapis.com
1	ulogin.ru	wol1ckaim.com
1	ajax.googleapis.com	wol1ckaim.com
1	cdnjs.cloudflare.com	wol1ckaim.com
1	w01kkaim.com	globalsmediazs.com
1	w01ccaim.com	globalsmediazs.com
1	onlineee.info	1 redirects
1	code.jquery.com	ehpidemiya-coronavirusa.ru
68	23

This site contains no links.

Subject Issuer	Validity	Valid
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
globalsmediazs.com Let's Encrypt Authority X3	`2020-05-13` - `2020-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
w01ccaim.com Let's Encrypt Authority X3	`2020-05-17` - `2020-08-15`	3 months	crt.sh
w01kkaim.com Let's Encrypt Authority X3	`2020-05-19` - `2020-08-17`	3 months	crt.sh
wol1ckaim.com Let's Encrypt Authority X3	`2020-05-17` - `2020-08-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
ulogin.ru Let's Encrypt Authority X3	`2020-05-13` - `2020-08-11`	3 months	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-05` - `2021-04-22`	a year	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2019-09-18` - `2020-10-02`	a year	crt.sh
sonar.semantiqo.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-12` - `2021-11-11`	2 years	crt.sh
ulclick.ru Let's Encrypt Authority X3	`2020-05-05` - `2020-08-03`	3 months	crt.sh
join2game.com Let's Encrypt Authority X3	`2020-05-09` - `2020-08-07`	3 months	crt.sh
img.alicdn.com DigiCert Secure Site ECC CA-1	`2020-05-07` - `2021-06-21`	a year	crt.sh
cdn3.caltat.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-12` - `2021-11-11`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Frame ID: CD8063C112726E48AAEEC39FE48D4A09
Requests: 66 HTTP requests in this frame

Frame: https://1.join2game.com/api/v18/hits
Frame ID: 9AF09E93ED0F9EE05B04633C8DFD901C
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_eLPa5N&aff_trace_key=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N&terminal_id=5e0f2de742d74d979b20e3cf73ae62c0&aff_request_id=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N
Frame ID: E5563B1674A18F3F206A0D512FB2CD51
Requests: 1 HTTP requests in this frame

Frame: https://ulclick.ru/ping/?code=_eLPa5N
Frame ID: 35AA3F07869BCAFB10524BE437A4E624
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: 1442188701933BFD70CEB8C9528CD0F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ehpidemiya-coronavirusa.ru/ Page URL
http://onlineee.info/jxYwwrnq HTTP 302
https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24 Page URL
https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

93 %
HTTPS

62 %
IPv6

22
Domains

23
Subdomains

19
IPs

6
Countries

1812 kB
Transfer

2240 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ehpidemiya-coronavirusa.ru/ Page URL
http://onlineee.info/jxYwwrnq HTTP 302
https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24 Page URL
https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://onlineee.info/jxYwwrnq HTTP 302
https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24

Request Chain 5

http://counter.yadro.ru/hit;site8?t29.8;r;s1600*1200*24;uhttp%3A//ehpidemiya-coronavirusa.ru/;hehpidemiya-coronavirusa.ru;0.8169281128898149 HTTP 302
http://counter.yadro.ru/hit;site8?q;t29.8;r;s1600*1200*24;uhttp%3A//ehpidemiya-coronavirusa.ru/;hehpidemiya-coronavirusa.ru;0.8169281128898149

Request Chain 20

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1449482979&t=pageview&_s=1&dl=https%3A%2F%2Fglobalsmediazs.com%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24&dr=http%3A%2F%2Fehpidemiya-coronavirusa.ru%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=777757189&gjid=273095889&cid=1471425493.1591028606&tid=UA-85255408-1&_gid=1886563645.1591028606&_r=1&z=1715996481 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_gid=1886563645.1591028606&gjid=273095889&_v=j82&z=1715996481 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_v=j82&z=1715996481 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_v=j82&z=1715996481&slf_rd=1&random=2072318902

Request Chain 22

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1449482979&t=event&_s=2&dl=https%3A%2F%2Fglobalsmediazs.com%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24&dr=http%3A%2F%2Fehpidemiya-coronavirusa.ru%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=redirection&ea=ok&el=wol1ckaim.com&_u=KEBAAEAB~&jid=1730900658&gjid=851436427&cid=1471425493.1591028606&tid=UA-85255408-1&_gid=1886563645.1591028606&_r=1&z=1576277897 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85255408-1&cid=1471425493.1591028606&jid=1730900658&_gid=1886563645.1591028606&gjid=851436427&_v=j82&z=1576277897

Request Chain 61

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1240761837&t=pageview&_s=1&dl=https%3A%2F%2Fwol1ckaim.com%2Fpromos%2Ffortune-wheel%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24%26utm_source%3Dehpidemiya-coronavirusa.ru&dr=https%3A%2F%2Fglobalsmediazs.com%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BE%D0%BB%D0%B5%D1%81%D0%BE%20%D1%84%D0%BE%D1%80%D1%82%D1%83%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADU~&jid=2017209465&gjid=1608799204&cid=660620820.1591028610&tid=UA-50964168-1&_gid=404712326.1591028610&_r=1&z=567491918 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_gid=404712326.1591028610&gjid=1608799204&_v=j82&z=567491918 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_v=j82&z=567491918 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_v=j82&z=567491918&slf_rd=1&random=3212121172

Request Chain 62

https://s.click.aliexpress.com/e/_eLPa5N HTTP 302
https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_eLPa5N&aff_trace_key=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N&terminal_id=5e0f2de742d74d979b20e3cf73ae62c0&aff_request_id=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N

Request Chain 67

https://counter.yadro.ru/id127/reff-id.gif?sid=204be272a9b04d228ccff1958a8627e4 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=204be272a9b04d228ccff1958a8627e4

68 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
ehpidemiya-coronavirusa.ru/ 7 KB
2 KB 221ms
35ms Document
text/html 213.136.83.75
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ehpidemiya-coronavirusa.ru/
Protocol: HTTP/1.1
Server: 213.136.83.75 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi190509.contaboserver.net
Software: nginx /
Resource Hash: 585bb2799f68a6aa34d6d3c5e5340a18c4af2906e4eff27b21f916ce3623f784

Request headers

Host: ehpidemiya-coronavirusa.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 01 Jun 2020 16:23:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2270
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK bootstrap.min.css
ehpidemiya-coronavirusa.ru/css/ 152 KB
23 KB 29ms
28ms Stylesheet
text/css 213.136.83.75
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ehpidemiya-coronavirusa.ru/css/bootstrap.min.css
Requested by: Host: ehpidemiya-coronavirusa.ru
URL: http://ehpidemiya-coronavirusa.ru/
Protocol: HTTP/1.1
Server: 213.136.83.75 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi190509.contaboserver.net
Software: nginx /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer: http://ehpidemiya-coronavirusa.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Jun 2020 16:23:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2019 10:51:46 GMT
Server: nginx
ETag: W/"5d00d942-2606e"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ehpidemiya-coronavirusa.ru.png
ehpidemiya-coronavirusa.ru/img/ 2 KB
2 KB 43ms
31ms Image
image/png 213.136.83.75
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ehpidemiya-coronavirusa.ru/img/ehpidemiya-coronavirusa.ru.png
Requested by: Host: ehpidemiya-coronavirusa.ru
URL: http://ehpidemiya-coronavirusa.ru/
Protocol: HTTP/1.1
Server: 213.136.83.75 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi190509.contaboserver.net
Software: nginx /
Resource Hash: 38250a185329628cc9473b1fd4e7e52735fa48b073b584f852084b419bb536f4

Request headers

Referer: http://ehpidemiya-coronavirusa.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Jun 2020 16:23:25 GMT
Last-Modified: Sun, 31 May 2020 13:11:18 GMT
Server: nginx
ETag: "5ed3acf6-646"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1606
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 19ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: ehpidemiya-coronavirusa.ru
URL: http://ehpidemiya-coronavirusa.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ehpidemiya-coronavirusa.ru/
Origin: http://ehpidemiya-coronavirusa.ru

Response headers

Date: Mon, 01 Jun 2020 16:23:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 19:01:15 GMT
Server: nginx
ETag: W/"58d026fb-10fdd"
Vary: Accept-Encoding
X-HW: 1591028605.dop144.fr8.shc,1591028605.dop144.fr8.t,1591028605.cds007.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 23856

GET
H2

200

/ Show response
globalsmediazs.com/
Redirect Chain

http://onlineee.info/jxYwwrnq
https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24

5 KB
3 KB

440ms
385ms

Document
text/html

2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Requested by: Host: ehpidemiya-coronavirusa.ru
URL: http://ehpidemiya-coronavirusa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f1bb0e95f2397204ae0c96afa35efb1e0673e94c387feed9f6e974483d801936

Request headers

:method: GET
:authority: globalsmediazs.com
:scheme: https
:path: /?ref=fap_w12383p111_DORVULAKAN24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://ehpidemiya-coronavirusa.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ehpidemiya-coronavirusa.ru/

Response headers

status: 200
server: nginx
date: Mon, 01 Jun 2020 16:23:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: visited_landings=%7B%22231665%22%3A%5B440%5D%7D referer=http%3A%2F%2Fglobalsmediazs.com%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24; expires=Mon, 01-Jun-2020 16:23:27 GMT; Max-Age=1
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
via: 1.1 google
x-pcdn-proxy-cache: MISS
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 01 Jun 2020 16:23:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.9
Last-Modified: Mon, 01 Jun 2020 16:23:25 GMT
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: 0
Set-Cookie: _subid=289crkbch2cl8k;Expires=Thursday, 02-Jul-2020 16:23:25 GMT;Max-Age=2678400;Path=/ bc1fc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI0NFwiOjE1OTEwMjg2MDV9LFwiY2FtcGFpZ25zXCI6e1wiMzBcIjoxNTkxMDI4NjA1fSxcInRpbWVcIjoxNTkxMDI4NjA1fSJ9.OMwKZafeYyRfbKO4lSLuZ-_7bZ62ymjdwYwDJhgGnC4;Expires=Thursday, 02-Jul-2020 16:23:25 GMT;Max-Age=2678400;Path=/
Location: https://globalsmediazs.com?ref=fap_w12383p111_DORVULAKAN24
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

hit;site8
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;site8?t29.8;r;s1600*1200*24;uhttp%3A//ehpidemiya-coronavirusa.ru/;hehpidemiya-coronavirusa.ru;0.8169281128898149
http://counter.yadro.ru/hit;site8?q;t29.8;r;s1600*1200*24;uhttp%3A//ehpidemiya-coronavirusa.ru/;hehpidemiya-coronavirusa.ru;0.8169281128898149

602 B
971 B

62ms
61ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/hit;site8?q;t29.8;r;s1600*1200*24;uhttp%3A//ehpidemiya-coronavirusa.ru/;hehpidemiya-coronavirusa.ru;0.8169281128898149
Protocol: HTTP/1.1
Server: 88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host216.rax.ru
Software: 0W/0.8c /
Resource Hash

Request headers

Referer: http://ehpidemiya-coronavirusa.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Jun 2020 16:23:25 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: Close
Content-Type: image/gif
Content-Length: 602
Expires: Sat, 01 Jun 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Jun 2020 16:23:25 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: http://counter.yadro.ru/hit;site8?q;t29.8;r;s1600*1200*24;uhttp%3A//ehpidemiya-coronavirusa.ru/;hehpidemiya-coronavirusa.ru;0.8169281128898149
Cache-control: no-cache
Content-Type: text/html
Content-Length: 32
Expires: Sat, 01 Jun 2019 21:00:00 GMT

GET
H2 200 vulkanclub.css
globalsmediazs.com/assets/css/ 5 KB
5 KB 7ms
5ms Stylesheet
text/css 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/css/vulkanclub.css?58e0bc2c00122037bfc93e7bb1780b6d
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a24a9be29c76bcdce7bd93fd107395baefd8fc0cc5acb5d3ed5447880991bca

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:27 GMT
server: nginx
etag: "5ec6e6ff-1279"
content-type: text/css
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 4729
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:13:41 GMT

GET
H2 200 jquery-2.1.4.min.js Show response
globalsmediazs.com/assets/js/vendor/ 82 KB
83 KB 12ms
10ms Script
application/javascript 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/js/vendor/jquery-2.1.4.min.js
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:27 GMT
server: nginx
etag: "5ec6e6ff-14979"
content-type: application/javascript
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 84345
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:09:54 GMT

GET
H2 200 mobile-detect.min.js Show response
globalsmediazs.com/assets/js/vendor/ 38 KB
38 KB 22ms
20ms Script
application/javascript 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/js/vendor/mobile-detect.min.js
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 363a80d367e6658e72d918cd33f9481ce7929199a9858122b0dcc61dffa62fde

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:27 GMT
server: nginx
etag: "5ec6e6ff-9624"
content-type: application/javascript
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 38436
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:09:54 GMT

GET
H2 200 ga.js Show response
globalsmediazs.com/assets/js/vendor/ 151 B
405 B 22ms
21ms Script
application/javascript 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/js/vendor/ga.js?fdf0467d1cc9cee3322c918c24dd7cc7
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d0afb787e16bba36010a5f0211a1f953b484e9a5b957629ebed2b8715503985

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:30 GMT
server: nginx
etag: "5ec6e702-97"
content-type: application/javascript
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 151
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:09:55 GMT

GET
H2 200 utils.js Show response
globalsmediazs.com/assets/js/includes/ 2 KB
3 KB 22ms
21ms Script
application/javascript 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/js/includes/utils.js?fdf0467d1cc9cee3322c918c24dd7cc7
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f5582370e77ee531b7a4d097545808b7454650ee4f4aaa5a30df73424c296862

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:27 GMT
server: nginx
etag: "5ec6e6ff-9b3"
content-type: application/javascript
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 2483
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:09:55 GMT

GET
H2 200 mirrors.js Show response
globalsmediazs.com/assets/js/includes/ 5 KB
6 KB 22ms
21ms Script
application/javascript 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/js/includes/mirrors.js?fdf0467d1cc9cee3322c918c24dd7cc7
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ccce79d36924d83301aa8a4b690c2bad980318c11a6ff55b445bfe6ee1b83b3

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:30 GMT
server: nginx
etag: "5ec6e702-15d6"
content-type: application/javascript
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 5590
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:09:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5227
date: Mon, 01 Jun 2020 14:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 01 Jun 2020 16:56:19 GMT

GET
H2 200 main-custom.js Show response
globalsmediazs.com/assets/js/ 3 KB
4 KB 23ms
22ms Script
application/javascript 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/js/main-custom.js?fdf0467d1cc9cee3322c918c24dd7cc7
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d98d7ccbfd97e04157f64673c2d93a1a884011fdd6b65b32146fd912867739c5

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:30 GMT
server: nginx
etag: "5ec6e702-d5c"
content-type: application/javascript
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 3420
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:09:55 GMT

GET
H2 200 vulkan.jpg
globalsmediazs.com/assets/images/vulkanclub/ 37 KB
37 KB 10ms
10ms Image
image/jpeg 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalsmediazs.com/assets/images/vulkanclub/vulkan.jpg
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 32625b4d1942519315ce37a3dcf7162d70a8a207bc492dc1969b39dd8cc62bf2

Request headers

Referer: https://globalsmediazs.com/assets/css/vulkanclub.css?58e0bc2c00122037bfc93e7bb1780b6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:30 GMT
server: nginx
etag: "5ec6e702-936e"
content-type: image/jpeg
status: 200
cache-control: max-age=864000, public
accept-ranges: bytes
content-length: 37742
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:18:40 GMT

GET
H2 200 ping.php Show response
w01ccaim.com/ 55 B
171 B 83ms
19ms Script
application/json 2a03:b0c0:2:f0::337:f001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://w01ccaim.com/ping.php?timestamp=1591028606418&callback=jQuery21409085509701738315_1591028606377&_=1591028606378
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/assets/js/vendor/jquery-2.1.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::337:f001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c89ca59b1817ffd238f1c18a600d9201fd77c76bee64f1f593a1fa3eaea9ae49

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 01 Jun 2020 16:23:26 GMT
server: nginx
access-control-allow-origin: *
content-length: 55
access-control-allow-methods: GET
content-type: application/json

GET
H2 200 ping.php Show response
w01kkaim.com/ 55 B
171 B 81ms
17ms Script
application/json 2a03:b0c0:2:f0::202:c001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://w01kkaim.com/ping.php?timestamp=1591028606420&callback=jQuery21409085509701738315_1591028606379&_=1591028606380
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/assets/js/vendor/jquery-2.1.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::202:c001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b5f777ca08aa11247e879970d0391cdfe12f9012b1fd9e96d270cc9453f235f

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 01 Jun 2020 16:23:26 GMT
server: nginx
access-control-allow-origin: *
content-length: 55
access-control-allow-methods: GET
content-type: application/json

GET
H2 200 ping.php Show response
wol1ckaim.com/ 55 B
171 B 57ms
5ms Script
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/ping.php?timestamp=1591028606421&callback=jQuery21409085509701738315_1591028606381&_=1591028606382
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/assets/js/vendor/jquery-2.1.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: f6ee883f29ccd43a8444d42724f5cf4b421e405225e9b737acb1e4d038a97881

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 01 Jun 2020 16:23:26 GMT
server: nginx
access-control-allow-origin: *
content-length: 55
access-control-allow-methods: GET
content-type: application/json

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1449482979&t=pageview&_s=1&dl=https%3A%2F%2Fglobalsmediazs.com%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24&dr=http%3A%2F%2Fehpidemiya-coronavirusa...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_gid=1886563645.1591028606&gjid=273095889&_v=j82&z=1715996481
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_v=j82&z=1715996481
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_v=j82&z=1715996481&slf_rd=1&random=2072318902

42 B
106 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_v=j82&z=1715996481&slf_rd=1&random=2072318902

Requested by

Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Jun 2020 16:23:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Jun 2020 16:23:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85255408-1&cid=1471425493.1591028606&jid=777757189&_v=j82&z=1715996481&slf_rd=1&random=2072318902
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 vulkanclub.mp4
globalsmediazs.com/assets/video/ 429 KB
430 KB 6ms
6ms Media
video/mp4 2a03:b0c0:3:f0::1b:6000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsmediazs.com/assets/video/vulkanclub.mp4
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::1b:6000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ad05d6f904c11840caf7f54607d08f86069ae3d76c6f53fb1de0ab67880e4bb6

Request headers

Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:26 GMT
via: 1.1 google
last-modified: Thu, 21 May 2020 20:39:27 GMT
server: nginx
etag: "5ec6e6ff-6b544"
content-type: video/mp4
status: 206
cache-control: max-age=864000, public
Content-Range: bytes 0-439619/439620
Content-Length: 439620
x-pcdn-proxy-cache: HIT
expires: Thu, 04 Jun 2020 19:22:28 GMT

GET
H2 200 Primary Request / Show response
wol1ckaim.com/promos/fortune-wheel/ 10 KB
2 KB 23ms
22ms Document
text/html 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Requested by: Host: globalsmediazs.com
URL: https://globalsmediazs.com/assets/js/main-custom.js?fdf0467d1cc9cee3322c918c24dd7cc7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a385be1f54f2b8f7033bd80cfb7751b70978e35f8365bc990881cda5ada7aa9

Request headers

:method: GET
:authority: wol1ckaim.com
:scheme: https
:path: /promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://globalsmediazs.com/?ref=fap_w12383p111_DORVULAKAN24

Response headers

status: 200
server: nginx
date: Mon, 01 Jun 2020 16:23:29 GMT
content-type: text/html
last-modified: Mon, 01 Jun 2020 16:11:37 GMT
etag: W/"5ed528b9-2634"
content-encoding: gzip

GET

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1449482979&t=event&_s=2&dl=https%3A%2F%2Fglobalsmediazs.com%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24&dr=http%3A%2F%2Fehpidemiya-coronavirusa.ru...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85255408-1&cid=1471425493.1591028606&jid=1730900658&_gid=1886563645.1591028606&gjid=851436427&_v=j82&z=1576277897

0
0

GET
H2 200 mobile-detect.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.0/ 36 KB
15 KB 34ms
33ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.0/mobile-detect.min.js?v=1591027896013

Requested by

Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0b1a9052dca0df2f5d3f3e1d40e383dda4d7aa188525d8188e1d3075f25b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4990451
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 03124b0a580000d705e60d1200000001
served-in-seconds: 0.012
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:24:27 GMT
server: cloudflare
etag: W/"5afd4a4b-8e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59ca478a2c5ed705-FRA
expires: Sat, 22 May 2021 16:23:29 GMT

GET
H2 200 style.css
wol1ckaim.com/promos/fortune-wheel/assets/css/ 26 KB
26 KB 11ms
11ms Stylesheet
text/css 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 67afc97cbd7f59222c1142d25766813e1d669c415295a7a8d005620992c42479

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:11:23 GMT
server: nginx
etag: "5ed528ab-6829"
content-type: text/css
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 26665
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 logo.svg
wol1ckaim.com/promos/fortune-wheel/images/ 94 KB
95 KB 7ms
6ms Image
image/svg+xml 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/logo.svg
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5038d3517a23001f7c51b3ba8a4c37c623ea4fd5b148e60375258088a52ae177

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:23 GMT
server: nginx
etag: "5ed4fbe7-179c0"
content-type: image/svg+xml
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 96704
expires: Mon, 01 Jun 2020 16:24:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Requested by

Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Jun 2021 16:12:33 GMT

GET
H/1.1 200
OK ulogin.js Show response
ulogin.ru/js/ 54 KB
19 KB 305ms
114ms Script
application/x-javascript 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/js/ulogin.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: d4395b50b497d7459c67cd25761ae7d9e8e216dab45a362b89ae7c5471d1f814

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Jun 2020 16:23:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Nov 2019 19:07:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 04 Jun 2020 16:23:31 GMT

GET
H2 200 cookie.js Show response
wol1ckaim.com/promos/fortune-wheel/assets/js/ 1007 B
1 KB 6ms
6ms Script
application/x-javascript 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/cookie.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 846d04535b5c2a5a519fcec35392465a9ec78f915be45fd46da1545216182c29

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:09:00 GMT
server: nginx
etag: "5ed5281c-3ef"
content-type: application/x-javascript
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 1007
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 shared.js Show response
wol1ckaim.com/promos/fortune-wheel/assets/js/ 14 KB
14 KB 10ms
8ms Script
application/x-javascript 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/shared.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: bd0e8ee9337e6ae48c0080c652c26c4eea5ad5b144caf4870c27ed137c9fd87e

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:09:11 GMT
server: nginx
etag: "5ed52827-3909"
content-type: application/x-javascript
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 14601
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 intlTelInput-jquery.min.js Show response
wol1ckaim.com/promos/fortune-wheel/assets/js/ 28 KB
29 KB 10ms
9ms Script
application/x-javascript 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/intlTelInput-jquery.min.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 814f3c10cdb5337b52a6df857ad235385acc434227b02d8b44aebd6cd718bc11

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:11:28 GMT
server: nginx
etag: "5ed528b0-7140"
content-type: application/x-javascript
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 28992
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 wheel.js Show response
wol1ckaim.com/promos/fortune-wheel/assets/js/ 837 B
1 KB 10ms
10ms Script
application/x-javascript 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/wheel.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3dd173f121f01cf9dd4606425927ea40609e330fdd815c00fc7f66699ed8ee47

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:11:28 GMT
server: nginx
etag: "5ed528b0-345"
content-type: application/x-javascript
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 837
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 popup.js Show response
wol1ckaim.com/promos/fortune-wheel/assets/js/ 2 KB
2 KB 11ms
10ms Script
application/x-javascript 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/popup.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: df29627d1563a83ba432c4e2f370f1556b91fafdcc18ddaadb409efd61b620b2

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:11:28 GMT
server: nginx
etag: "5ed528b0-825"
content-type: application/x-javascript
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 2085
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 main.js Show response
wol1ckaim.com/promos/fortune-wheel/assets/js/ 282 B
503 B 11ms
10ms Script
application/x-javascript 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/main.js?v=1591027896013
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dce74f6bf16651ae48050b2154916610f1429f72d9d4f04803c158a172138b7

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 16:11:28 GMT
server: nginx
etag: "5ed528b0-11a"
content-type: application/x-javascript
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 282
expires: Mon, 01 Jun 2020 17:12:24 GMT

GET
H2 200 intlTelInput.css
wol1ckaim.com/promos/fortune-wheel/assets/css/ 25 KB
26 KB 6ms
6ms Stylesheet
text/css 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wol1ckaim.com/promos/fortune-wheel/assets/css/intlTelInput.css
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8bece701632e4a2991bff9e415b70d980872eb394ea21d85063844366b4fd1a5

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:28 GMT
server: nginx
etag: "5ed4fbec-6583"
content-type: text/css
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 25987
expires: Mon, 01 Jun 2020 16:50:54 GMT

GET
H2 200 bg.png
wol1ckaim.com/promos/fortune-wheel/images/ 338 KB
339 KB 7ms
5ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/bg.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ab6dae0fb5ce50128b831a281b7a1ea5528bbb4059cc188ce0e84cecb6124c38

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:26 GMT
server: nginx
etag: "5ed4fbea-54939"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 346425
expires: Mon, 01 Jun 2020 16:50:54 GMT

GET
H2 200 wheel__lamps.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 58 KB
59 KB 17ms
16ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__lamps.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: dbfcc5c9acbe5c868a56e8a5f375c3cea6dacee2c6813a0d2b49bf9bfc60e16f

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-e9a4"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 59812
expires: Mon, 01 Jun 2020 16:50:54 GMT

GET
H2 200 wheel__big.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 35 KB
35 KB 18ms
16ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__big.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 16bbac156810f5843c31dd7ce3966f3eebccccab5317e56d3dabe3b736a75375

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-8b4d"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 35661
expires: Mon, 01 Jun 2020 17:06:02 GMT

GET
H2 200 wheel__small.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 34 KB
35 KB 18ms
17ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__small.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 792c4727a221e714a48b7405834db0ddb12fc13b9242fe6ab73a5734d74c6f1d

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-890f"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 35087
expires: Mon, 01 Jun 2020 17:06:02 GMT

GET
H2 200 wheel__start-btn.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 8 KB
9 KB 18ms
17ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__start-btn.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: dc6571b2fac0970b22bd90c57119e1355a40a75513fbc3966763c5fff7c2271f

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-214f"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 8527
expires: Mon, 01 Jun 2020 16:50:55 GMT

GET
H2 200 wheel__win-zone.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 20 KB
20 KB 17ms
17ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__win-zone.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 575cd6a363789b9bb83d75e927189c094db2e45257a44b7a1ab838edc03c4799

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-502a"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 20522
expires: Mon, 01 Jun 2020 17:06:02 GMT

GET
H2 200 wheel__stand.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 15 KB
15 KB 14ms
13ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__stand.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1bb660e2608e198b1640d7b4ab50b9269e49bfec27cf280595f36e3edd2decff

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-3cb4"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 15540
expires: Mon, 01 Jun 2020 16:50:55 GMT

GET
H2 200 girl-1920.png
wol1ckaim.com/promos/fortune-wheel/images/ 125 KB
126 KB 14ms
13ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/girl-1920.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: fe72211bf26261411d8e08c59180a9c69f1d6d853f89c6201fc94e956024bb94

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:26 GMT
server: nginx
etag: "5ed4fbea-1f54c"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 128332
expires: Mon, 01 Jun 2020 17:06:02 GMT

GET
H2 200 text-1920.png
wol1ckaim.com/promos/fortune-wheel/images/ 8 KB
8 KB 14ms
14ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/text-1920.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 80d26ae3f3fb0f211fbc0a31c1e991288782787cd6cc3e0fadd1117ba0132842

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:26 GMT
server: nginx
etag: "5ed4fbea-2037"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 8247
expires: Mon, 01 Jun 2020 17:06:02 GMT

GET
H2 200 sprite.png
wol1ckaim.com/promos/fortune-wheel/images/ 50 KB
50 KB 14ms
14ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/sprite.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 20da6de24a03d8dbf8d08e0827a519caf2dd7c0e33cefc84ae3076ac97ede403

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:26 GMT
server: nginx
etag: "5ed4fbea-c785"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 51077
expires: Mon, 01 Jun 2020 16:50:55 GMT

GET
H2 200 flags.png
wol1ckaim.com/promos/fortune-wheel/images/popup/ 21 KB
22 KB 6ms
6ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/popup/flags.png
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/intlTelInput-jquery.min.js?v=1591027896013
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 781d0530898bc205c19ab41ce5a45e15365e953ce9ec906d1ccbadb3062a3651

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:29 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-554d"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 21837
expires: Mon, 01 Jun 2020 16:50:55 GMT

POST
H2 200 host Show response
wol1ckaim.com/api/v11/statistics/track/ 26 B
382 B 146ms
146ms XHR
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wol1ckaim.com/api/v11/statistics/track/host?projectId=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b35b9264b97e135fed319953849ce5e95241f2e836f10e9a73bb7c9689113dba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=utf-8
status: 200
cache-control: no-cache, private
content-security-policy: upgrade-insecure-requests
link: <https://wol1ckaim.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"

POST
H2 200 hit Show response
wol1ckaim.com/api/v11/statistics/track/ 26 B
383 B 146ms
145ms XHR
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wol1ckaim.com/api/v11/statistics/track/hit?projectId=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b35b9264b97e135fed319953849ce5e95241f2e836f10e9a73bb7c9689113dba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=utf-8
status: 200
cache-control: no-cache, private
content-security-policy: upgrade-insecure-requests
link: <https://wol1ckaim.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"

GET
H2 200 settings Show response
wol1ckaim.com/api/v18/ 6 KB
2 KB 151ms
151ms XHR
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wol1ckaim.com/api/v18/settings?projectId=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81c7b811df5fcae77736f7af6d2243f1fbe922cf52adf7981a9493d038db4dc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
vary: Accept-Encoding, Content-Language, User-Agent
last-modified: Mon, 01 Jun 2020 16:23:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
status: 200
expires: Mon, 01 Jun 2020 16:28:30 GMT
cache-control: max-age=300, public, s-maxage=300
content-security-policy: upgrade-insecure-requests
link: <https://wol1ckaim.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache: MISS
x-proxy-cache: MISS

GET
H2 200 settings Show response
wol1ckaim.com/api/v18/ 6 KB
2 KB 177ms
177ms XHR
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wol1ckaim.com/api/v18/settings?projectId=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81c7b811df5fcae77736f7af6d2243f1fbe922cf52adf7981a9493d038db4dc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
vary: Accept-Encoding, Content-Language, User-Agent
last-modified: Mon, 01 Jun 2020 16:23:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
status: 200
expires: Mon, 01 Jun 2020 16:28:30 GMT
cache-control: max-age=300, public, s-maxage=300
content-security-policy: upgrade-insecure-requests
link: <https://wol1ckaim.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache: MISS
x-proxy-cache: MISS

GET
H2 200 settings Show response
wol1ckaim.com/api/v18/ 6 KB
2 KB 157ms
157ms XHR
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wol1ckaim.com/api/v18/settings?projectId=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81c7b811df5fcae77736f7af6d2243f1fbe922cf52adf7981a9493d038db4dc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
vary: Accept-Encoding, Content-Language, User-Agent
last-modified: Mon, 01 Jun 2020 16:23:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
status: 200
expires: Mon, 01 Jun 2020 16:28:30 GMT
cache-control: max-age=300, public, s-maxage=300
content-security-policy: upgrade-insecure-requests
link: <https://wol1ckaim.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache: MISS
x-proxy-cache: MISS

GET
H2 200 settings Show response
wol1ckaim.com/api/v18/ 6 KB
2 KB 150ms
150ms XHR
application/json 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wol1ckaim.com/api/v18/settings?projectId=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81c7b811df5fcae77736f7af6d2243f1fbe922cf52adf7981a9493d038db4dc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
vary: Accept-Encoding, Content-Language, User-Agent
last-modified: Mon, 01 Jun 2020 16:23:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
status: 200
expires: Mon, 01 Jun 2020 16:28:30 GMT
cache-control: max-age=300, public, s-maxage=300
content-security-policy: upgrade-insecure-requests
link: <https://wol1ckaim.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-pcdn-proxy-cache: MISS
x-proxy-cache: MISS

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.4.0/ 49 KB
16 KB 538ms
522ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.4.0/bundle.min.js?_=1591028609703

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e67f227cae68c48f2271412359f3bd69ceece78f99db2759ce9c600be896f0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 13:00:31 GMT
server: Fastly
age: 0
etag: "00cd3e90ccea4ddfb36ac45ccb773475"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15960
expires: Tue, 01 Jun 2021 16:23:30 GMT

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 97ms
37ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=3e50833ade1b7d6fea055ae280997308
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Jun 2020 16:23:30 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 checking.js Show response
sonar.semantiqo.com/c83ul/ 21 KB
21 KB 86ms
28ms Script
application/javascript 5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/c83ul/checking.js

Requested by

Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e0f80596fbc8de9be196589720fc25a245d43f4da3c1f75dbedfaa92d14ec5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
mode: no-cors
last-modified: Mon, 01 Jun 2020 12:47:05 GMT
server: nginx/1.16.1
status: 200
etag: "5ed4f8c9-5361"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 21345

GET
H/1.1 200
OK b-count.js Show response
ulclick.ru/ 646 B
867 B 426ms
312ms Script
application/javascript 80.87.202.200
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ulclick.ru/b-count.js

Requested by

Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js?v=1591027896013

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.87.202.200 Irkutsk, Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta21.ru

Software

nginx/1.13.12 /

Resource Hash

0a7005cd43fb8cc599446faeb279fe7c075ae625f422aa3f5ed315819952e09f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Jun 2020 16:23:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Monday, 01-Jun-2020 16:23:30 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 track Show response
1.join2game.com/api/v18/ 41 B
806 B 277ms
243ms XHR
application/json 2a03:b0c0:3:e0::335:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://1.join2game.com/api/v18/track

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?v=1591027896013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a03:b0c0:3:e0::335:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3a29d3a8f96618b5689f1b21fb26cd53f4aff14d2b67a907680b129188ef81ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
status: 200
pragma: no-cache
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wol1ckaim.com
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token
cache-control: private, must-revalidate
access-control-allow-credentials: true
link: <http://1.join2game.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
x-proxy-cache: MISS
x-pcdn-proxy-cache: MISS
expires: -1

GET
H2 200 mwla-1.0.js Show response
1.join2game.com/js/ 5 KB
5 KB 50ms
21ms Script
application/javascript 2a03:b0c0:3:e0::335:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://1.join2game.com/js/mwla-1.0.js
Requested by: Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/shared.js?v=1591027896013
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:e0::335:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: af712758fc63863f53cb44cbffb087434356eabfcc3298067aedb986cec27e90

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
last-modified: Mon, 01 Jun 2020 10:20:10 GMT
server: nginx
etag: "5ed4d65a-1249"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4681
x-pcdn-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/assets/js/shared.js?v=1591027896013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5231
date: Mon, 01 Jun 2020 14:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 01 Jun 2020 16:56:19 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 66 KB
26 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MMM2WRZ&cid=660620820.1591028610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57a7734556b975fb986565db9a9a0720c9a33420b4933f2f17a7fbbb96535c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26729
x-xss-protection: 0
last-modified: Mon, 01 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Jun 2020 16:23:30 GMT

POST
H2 200 hits
1.join2game.com/api/v18/ Frame 9AF0 0
0 276ms
276ms Document
text/html 2a03:b0c0:3:e0::335:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://1.join2game.com/api/v18/hits
Requested by: Host: 1.join2game.com
URL: https://1.join2game.com/js/mwla-1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:e0::335:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: POST
:authority: 1.join2game.com
:scheme: https
:path: /api/v18/hits
content-length: 377
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://wol1ckaim.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://wol1ckaim.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Response headers

status: 200
server: nginx
date: Mon, 01 Jun 2020 16:23:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding User-Agent
set-cookie: PHPSESSID=3jn1h203b36cco0fpbths8b8gh; path=/; HttpOnly gstId=680f354d-acf6-4d0f-8282-ea6180c14dcf; expires=Tue, 01-Jun-2021 16:23:30 GMT; Max-Age=31536000; path=/; secure; samesite=none tracker=organic_direct; expires=Wed, 01-Jul-2020 16:23:30 GMT; Max-Age=2592000; path=/; domain=.1.join2game.com; secure; samesite=none
cache-control: private, must-revalidate
link: <http://1.join2game.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
access-control-allow-origin: https://wol1ckaim.com
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token, Protection-Phrase, Protection-Signature, Verification-Token
pragma: no-cache
expires: -1
content-encoding: gzip

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1240761837&t=pageview&_s=1&dl=https%3A%2F%2Fwol1ckaim.com%2Fpromos%2Ffortune-wheel%2F%3Fref%3Dfap_w12383p111_DORVULAKAN24%26utm_source%3Dehpi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_gid=404712326.1591028610&gjid=1608799204&_v=j82&z=567491918
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_v=j82&z=567491918
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_v=j82&z=567491918&slf_rd=1&random=3212121172

42 B
106 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_v=j82&z=567491918&slf_rd=1&random=3212121172

Requested by

Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Jun 2020 16:23:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Jun 2020 16:23:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50964168-1&cid=660620820.1591028610&jid=2017209465&_v=j82&z=567491918&slf_rd=1&random=3212121172
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ru.htm
best.aliexpress.com/ Frame E556
Redirect Chain

https://s.click.aliexpress.com/e/_eLPa5N
https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_eLPa5N&aff_trace_key=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N&terminal_id=5e0f2de742d74d979b20e3cf73ae62c0&...

0
0

798ms
759ms

Document
text/html

104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_eLPa5N&aff_trace_key=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N&terminal_id=5e0f2de742d74d979b20e3cf73ae62c0&aff_request_id=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N

Requested by

Host: ulclick.ru
URL: https://ulclick.ru/b-count.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.214.74 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-74.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: best.aliexpress.com
:scheme: https
:path: /ru.htm?aff_platform=portals-promotion&sk=_eLPa5N&aff_trace_key=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N&terminal_id=5e0f2de742d74d979b20e3cf73ae62c0&aff_request_id=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ali_apache_id=10.182.248.34.1591028610560.529666.4; xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N%22%2C%22affiliateKey%22%3A%22_eLPa5N%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008220007%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222148105938%22%2C%22tagtime%22%3A1591028610563%7D&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0; acs_usuc_t=x_csrf=4769tkt2lya_&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0; aeu_cid=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N; xman_t=D7Gj0u/V2OhJP4Z9KNFOid0vsojYDZUK4u5w0RfI+JZoi+shttVBR5VQn+OzpwSo; xman_f=J5m6649jyl/2pud8JgnZyZZqp3VxFCP2Jg9P5vpZEwwXJXLME8Phyi1UqIue78aKR6DLnLFenAK0fQXwdq9ky25eylx7xpSxrNhZRPVtO/ETZi1IuFpTAg==; traffic_se_co=%7B%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Response headers

status: 200
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-traffic-affiliateweb-f:prod,us:7001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-language: ru-RU
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0ab50f6215910286107871373e7894
timing-allow-origin: *
date: Mon, 01 Jun 2020 16:23:31 GMT
set-cookie: xman_us_f=x_locale=ru_RU&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N%22%2C%22affiliateKey%22%3A%22_eLPa5N%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008220007%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222148105938%22%2C%22tagtime%22%3A1591028610563%7D&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0; Domain=.aliexpress.com; Expires=Sat, 19-Jun-2088 19:37:37 GMT; Path=/; Secure; SameSite=None intl_locale=ru_RU; Domain=.aliexpress.com; Path=/ aep_usuc_f=site=rus&c_tp=USD&region=US&b_locale=en_US; Domain=.aliexpress.com; Expires=Sat, 19-Jun-2088 19:37:37 GMT; Path=/; Secure; SameSite=None intl_common_forever=NL8EwMlP9bF4KoWvYa/4gTd9VJPsMszw1FaSK3UIm3UxxU1uIo7l7Q==; Domain=.aliexpress.com; Expires=Sat, 19-Jun-2088 19:37:37 GMT; Path=/; HttpOnly

Redirect headers

status: 302
content-length: 0
x-application-context: affiliateclick:prod,us:7001
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=0
location: https://best.aliexpress.com/ru.htm?aff_platform=portals-promotion&sk=_eLPa5N&aff_trace_key=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N&terminal_id=5e0f2de742d74d979b20e3cf73ae62c0&aff_request_id=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 0ab6f82215910286105606162e6afd
timing-allow-origin: *
date: Mon, 01 Jun 2020 16:23:30 GMT
set-cookie: ali_apache_id=10.182.248.34.1591028610560.529666.4; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N%22%2C%22affiliateKey%22%3A%22_eLPa5N%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008220007%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222148105938%22%2C%22tagtime%22%3A1591028610563%7D&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0; Domain=.aliexpress.com; Expires=Sat, 19-Jun-2088 19:37:37 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=4769tkt2lya_&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N; Domain=.aliexpress.com; Expires=Sat, 19-Jun-2088 19:37:37 GMT; Path=/; Secure; SameSite=None xman_t=D7Gj0u/V2OhJP4Z9KNFOid0vsojYDZUK4u5w0RfI+JZoi+shttVBR5VQn+OzpwSo; Domain=.aliexpress.com; Path=/; Secure; SameSite=None; HttpOnly xman_f=J5m6649jyl/2pud8JgnZyZZqp3VxFCP2Jg9P5vpZEwwXJXLME8Phyi1UqIue78aKR6DLnLFenAK0fQXwdq9ky25eylx7xpSxrNhZRPVtO/ETZi1IuFpTAg==; Domain=.aliexpress.com; Expires=Sat, 19-Jun-2088 19:37:37 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D;Max-Age=2147483647;domain=aliexpress.com;path=/

GET
H/1.1 200
OK /
ulclick.ru/ping/ Frame 35AA 0
0 65ms
64ms Document
text/html 80.87.202.200
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ulclick.ru/ping/?code=_eLPa5N

Requested by

Host: ulclick.ru
URL: https://ulclick.ru/b-count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.87.202.200 Irkutsk, Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta21.ru

Software

nginx/1.13.12 /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: ulclick.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: utm1=1:96cfe11c-0465-442d-95e7-c14c7bfc3db3; ttl_d29sMWNrYWltLmNvbQzz=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Response headers

Server: nginx/1.13.12
Date: Mon, 01 Jun 2020 16:23:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Expires: Mon, 01 Jun 2020 16:23:30 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Last-Modified: Monday, 01-Jun-2020 16:23:30 GMT

GET
H2 200 /
sonar.semantiqo.com/i/ Frame 1442 0
0 27ms
27ms Document
text/html 5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/i/

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c83ul/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: sonar.semantiqo.com
:scheme: https
:path: /i/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Response headers

status: 200
server: nginx/1.16.1
date: Mon, 01 Jun 2020 16:23:30 GMT
content-type: text/html
last-modified: Tue, 10 Mar 2020 08:47:01 GMT
etag: W/"5e675405-a6"
content-encoding: gzip
strict-transport-security: max-age=15768000
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache

GET
H2 200 ces.php Show response
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 0
161 B 109ms
38ms Script
application/javascript 5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=204be272a9b04d228ccff1958a8627e4

Requested by

Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/c83ul/checking.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
mode: no-cors
referrer-policy: no-referrer
server: nginx/1.16.1
status: 200
strict-transport-security: max-age=15768000
content-type: application/javascript
access-control-allow-origin: *

POST
H2 200 analize.js
sonar.semantiqo.com/c83ul/ 0
0 78ms
28ms Fetch
text/html 5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sonar.semantiqo.com/c83ul/analize.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js?_=1591028609703

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/no-referrer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 01 Jun 2020 16:23:30 GMT
content-encoding: gzip
status: 200
server: nginx/1.16.1
mode: no-cors
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/
Redirect Chain

https://counter.yadro.ru/id127/reff-id.gif?sid=204be272a9b04d228ccff1958a8627e4
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=204be272a9b04d228ccff1958a8627e4

0
387 B

28ms
27ms

Image
text/html

5.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=204be272a9b04d228ccff1958a8627e4

Requested by

Host: wol1ckaim.com
URL: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.76.154.9.5.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/?ref=fap_w12383p111_DORVULAKAN24&utm_source=ehpidemiya-coronavirusa.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:23:31 GMT
content-encoding: gzip
status: 200
server: nginx/1.16.1
mode: no-cors
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=204be272a9b04d228ccff1958a8627e4
Date: Mon, 01 Jun 2020 16:23:30 GMT
Server: nginx/1.11.1
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 wheel__lamps_2.png
wol1ckaim.com/promos/fortune-wheel/images/wheel/ 57 KB
58 KB 11ms
11ms Image
image/png 2a03:b0c0:3:f0::8b:3000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wol1ckaim.com/promos/fortune-wheel/images/wheel/wheel__lamps_2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:3:f0::8b:3000 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ad11401884be9fd0545ecb5a1b5cc091598b66b5c463f1bdc2068af3839c93e

Request headers

Referer: https://wol1ckaim.com/promos/fortune-wheel/assets/css/style.css?v=1591027896013
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Jun 2020 16:23:31 GMT
last-modified: Mon, 01 Jun 2020 13:00:29 GMT
server: nginx
etag: "5ed4fbed-e59a"
content-type: image/png
status: 200
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 58778
expires: Mon, 01 Jun 2020 17:08:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85255408-1&cid=1471425493.1591028606&jid=1730900658&_gid=1886563645.1591028606&gjid=851436427&_v=j82&z=1576277897

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sonar.semantiqo.com/	1970-01-20 09:57:08	Name: semantiqo_a Value: 204be272a9b04d228ccff1958a8627e4
ulclick.ru/	1969-12-31 23:59:59	Name: ttl_d29sMWNrYWltLmNvbQzz Value: 0
.aliexpress.com/	1970-02-13 06:28:32	Name: aeu_cid Value: d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N
ulclick.ru/	1970-01-19 18:42:44	Name: utm1 Value: 1:96cfe11c-0465-442d-95e7-c14c7bfc3db3
.aliexpress.com/	1970-02-13 06:28:32	Name: traffic_se_co Value: %7B%7D
.aliexpress.com/	1970-02-13 06:28:32	Name: intl_common_forever Value: NL8EwMlP9bF4KoWvYa/4gTd9VJPsMszw1FaSK3UIm3UxxU1uIo7l7Q==
.aliexpress.com/	1970-02-13 06:28:32	Name: xman_f Value: J5m6649jyl/2pud8JgnZyZZqp3VxFCP2Jg9P5vpZEwwXJXLME8Phyi1UqIue78aKR6DLnLFenAK0fQXwdq9ky25eylx7xpSxrNhZRPVtO/ETZi1IuFpTAg==
.aliexpress.com/	1970-02-13 06:28:32	Name: aep_usuc_f Value: site=rus&c_tp=USD&region=US&b_locale=en_US
.aliexpress.com/	1969-12-31 23:59:59	Name: xman_t Value: D7Gj0u/V2OhJP4Z9KNFOid0vsojYDZUK4u5w0RfI+JZoi+shttVBR5VQn+OzpwSo
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=4769tkt2lya_&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0
.aliexpress.com/	1969-12-31 23:59:59	Name: intl_locale Value: ru_RU
.aliexpress.com/	1970-02-11 23:19:44	Name: ali_apache_id Value: 10.182.248.34.1591028610560.529666.4
wol1ckaim.com/	1970-01-21 05:45:08	Name: fco2r34 Value: 204be272a9b04d228ccff1958a8627e4
.wol1ckaim.com/	1970-01-19 09:57:08	Name: _gat Value: 1
wol1ckaim.com/	1970-01-19 18:42:44	Name: gstId Value: 680f354d-acf6-4d0f-8282-ea6180c14dcf
.aliexpress.com/	1970-02-13 06:28:32	Name: xman_us_f Value: x_locale=ru_RU&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22d212061f00204305a3da4e1992e5640a-1591028610563-08379-_eLPa5N%22%2C%22affiliateKey%22%3A%22_eLPa5N%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008220007%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222148105938%22%2C%22tagtime%22%3A1591028610563%7D&acs_rt=5e0f2de742d74d979b20e3cf73ae62c0
.wol1ckaim.com/	1970-01-20 03:28:20	Name: _ga Value: GA1.2.660620820.1591028610
wol1ckaim.com/	1970-01-21 05:45:08	Name: dbl Value: 204be272a9b04d228ccff1958a8627e4
.wol1ckaim.com/	1970-01-19 10:40:20	Name: landingCode Value: fortune-wheel
.wol1ckaim.com/	1970-01-19 09:58:35	Name: _gid Value: GA1.2.404712326.1591028610
wol1ckaim.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 31srfjlmam528ji1osbouqcj17
.wol1ckaim.com/	1970-01-19 10:40:20	Name: utm_tags Value: {"utm_source":"ehpidemiya-coronavirusa.ru"}
.wol1ckaim.com/	1970-01-19 10:40:20	Name: tracker Value: fap_w12383p111_DORVULAKAN24
.wol1ckaim.com/	1969-12-31 23:59:59	Name: last_aff Value: fap_w12383p111_DORVULAKAN24
.wol1ckaim.com/	1970-01-23 01:33:08	Name: aff Value: fap_w12383p111_DORVULAKAN24

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.join2game.com
ajax.googleapis.com
best.aliexpress.com
browser.sentry-cdn.com
cdn3.caltat.com
cdnjs.cloudflare.com
code.jquery.com
counter.yadro.ru
ehpidemiya-coronavirusa.ru
globalsmediazs.com
main.exoclick.com
onlineee.info
s.click.aliexpress.com
sonar.semantiqo.com
stats.g.doubleclick.net
ulclick.ru
ulogin.ru
w01ccaim.com
w01kkaim.com
wol1ckaim.com
www.google-analytics.com
www.google.com
www.google.de
stats.g.doubleclick.net
104.111.214.74
178.238.234.54
2001:4de0:ac19::1:b:2b
213.136.83.75
2606:4700::6810:85e5
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2003
2a00:1450:400c:c03::9d
2a03:b0c0:2:f0::202:c001
2a03:b0c0:2:f0::337:f001
2a03:b0c0:3:e0::335:1
2a03:b0c0:3:f0::1b:6000
2a03:b0c0:3:f0::8b:3000
2a04:4e42:600::729
5.9.154.76
80.87.202.200
88.212.201.216
95.163.118.168
95.211.229.245
0a7005cd43fb8cc599446faeb279fe7c075ae625f422aa3f5ed315819952e09f
16bbac156810f5843c31dd7ce3966f3eebccccab5317e56d3dabe3b736a75375
1bb660e2608e198b1640d7b4ab50b9269e49bfec27cf280595f36e3edd2decff
1ccce79d36924d83301aa8a4b690c2bad980318c11a6ff55b445bfe6ee1b83b3
1d0afb787e16bba36010a5f0211a1f953b484e9a5b957629ebed2b8715503985
20da6de24a03d8dbf8d08e0827a519caf2dd7c0e33cefc84ae3076ac97ede403
2a385be1f54f2b8f7033bd80cfb7751b70978e35f8365bc990881cda5ada7aa9
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
32625b4d1942519315ce37a3dcf7162d70a8a207bc492dc1969b39dd8cc62bf2
363a80d367e6658e72d918cd33f9481ce7929199a9858122b0dcc61dffa62fde
38250a185329628cc9473b1fd4e7e52735fa48b073b584f852084b419bb536f4
3a29d3a8f96618b5689f1b21fb26cd53f4aff14d2b67a907680b129188ef81ed
3dd173f121f01cf9dd4606425927ea40609e330fdd815c00fc7f66699ed8ee47
4b5f777ca08aa11247e879970d0391cdfe12f9012b1fd9e96d270cc9453f235f
5038d3517a23001f7c51b3ba8a4c37c623ea4fd5b148e60375258088a52ae177
575cd6a363789b9bb83d75e927189c094db2e45257a44b7a1ab838edc03c4799
57a7734556b975fb986565db9a9a0720c9a33420b4933f2f17a7fbbb96535c90
585bb2799f68a6aa34d6d3c5e5340a18c4af2906e4eff27b21f916ce3623f784
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
67afc97cbd7f59222c1142d25766813e1d669c415295a7a8d005620992c42479
6dce74f6bf16651ae48050b2154916610f1429f72d9d4f04803c158a172138b7
781d0530898bc205c19ab41ce5a45e15365e953ce9ec906d1ccbadb3062a3651
792c4727a221e714a48b7405834db0ddb12fc13b9242fe6ab73a5734d74c6f1d
7ad11401884be9fd0545ecb5a1b5cc091598b66b5c463f1bdc2068af3839c93e
80d26ae3f3fb0f211fbc0a31c1e991288782787cd6cc3e0fadd1117ba0132842
814f3c10cdb5337b52a6df857ad235385acc434227b02d8b44aebd6cd718bc11
81c7b811df5fcae77736f7af6d2243f1fbe922cf52adf7981a9493d038db4dc2
846d04535b5c2a5a519fcec35392465a9ec78f915be45fd46da1545216182c29
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8bece701632e4a2991bff9e415b70d980872eb394ea21d85063844366b4fd1a5
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9a24a9be29c76bcdce7bd93fd107395baefd8fc0cc5acb5d3ed5447880991bca
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
ab6dae0fb5ce50128b831a281b7a1ea5528bbb4059cc188ce0e84cecb6124c38
ad05d6f904c11840caf7f54607d08f86069ae3d76c6f53fb1de0ab67880e4bb6
af712758fc63863f53cb44cbffb087434356eabfcc3298067aedb986cec27e90
b35b9264b97e135fed319953849ce5e95241f2e836f10e9a73bb7c9689113dba
bd0e8ee9337e6ae48c0080c652c26c4eea5ad5b144caf4870c27ed137c9fd87e
c89ca59b1817ffd238f1c18a600d9201fd77c76bee64f1f593a1fa3eaea9ae49
d4395b50b497d7459c67cd25761ae7d9e8e216dab45a362b89ae7c5471d1f814
d98d7ccbfd97e04157f64673c2d93a1a884011fdd6b65b32146fd912867739c5
db0b1a9052dca0df2f5d3f3e1d40e383dda4d7aa188525d8188e1d3075f25b59
dbfcc5c9acbe5c868a56e8a5f375c3cea6dacee2c6813a0d2b49bf9bfc60e16f
dc6571b2fac0970b22bd90c57119e1355a40a75513fbc3966763c5fff7c2271f
df29627d1563a83ba432c4e2f370f1556b91fafdcc18ddaadb409efd61b620b2
e0f80596fbc8de9be196589720fc25a245d43f4da3c1f75dbedfaa92d14ec5e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67f227cae68c48f2271412359f3bd69ceece78f99db2759ce9c600be896f0eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f1bb0e95f2397204ae0c96afa35efb1e0673e94c387feed9f6e974483d801936
f5582370e77ee531b7a4d097545808b7454650ee4f4aaa5a30df73424c296862
f6ee883f29ccd43a8444d42724f5cf4b421e405225e9b737acb1e4d038a97881
fe72211bf26261411d8e08c59180a9c69f1d6d853f89c6201fc94e956024bb94

wol1ckaim.com Open in urlscan Pro 2a03:b0c0:3:f0::8b:3000 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

93 %HTTPS

62 %IPv6

22 Domains

23 Subdomains

19 IPs

6 Countries

1812 kBTransfer

2240 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wol1ckaim.com Open in urlscan Pro
2a03:b0c0:3:f0::8b:3000 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

93 %
HTTPS

62 %
IPv6

22
Domains

23
Subdomains

19
IPs

6
Countries

1812 kB
Transfer

2240 kB
Size

25
Cookies

68 HTTP transactions
2 data transactions