URL: http://nqgpg.com/
Submission: On October 27 via api from DE

Summary

This website contacted 22 IPs in 6 countries across 23 domains to perform 106 HTTP transactions. The main IP is 51.15.128.218, which is located in France and belongs to AS12876, FR. The main domain is nqgpg.com.
This is the only time nqgpg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 51.15.128.218 12876 (AS12876)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
6 2606:4700:30:... 13335 (CLOUDFLAR...)
6 2606:4700:30:... 13335 (CLOUDFLAR...)
3 3 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
3 3 52.29.247.95 16509 (AMAZON-02)
6 52.222.161.162 16509 (AMAZON-02)
3 3 52.29.49.141 16509 (AMAZON-02)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
3 3 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
24 159.89.15.171 14061 (DIGITALOC...)
28 159.89.31.40 14061 (DIGITALOC...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 93.179.121.5 49352 (LOGOL-AS)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 23.22.18.227 14618 (AMAZON-AES)
1 46.105.201.240 16276 (OVH)
2 199.16.156.75 13414 (TWITTER)
1 208.43.241.179 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
106 22
Domain Requested by
28 leadtrack.pro nqgpg.com
24 xtracker.pro nqgpg.com
6 filepin.co 3 redirects nqgpg.com
6 normalexchange.com nqgpg.com
6 baidunet.info 3 redirects nqgpg.com
6 xvideos-txxx.com nqgpg.com
6 hdstream.xyz nqgpg.com
5 udking.com 1 redirects nqgpg.com
5 zxiu.info 1 redirects nqgpg.com
4 nqgpg.com nqgpg.com
3 0517lm.com nqgpg.com
3 www.topappformobile.com 3 redirects
3 www.videos4men.com 3 redirects
3 gaosemm.com 1 redirects nqgpg.com
2 www.google-analytics.com www.googletagmanager.com nqgpg.com
2 t.co nqgpg.com
2 sax.peakonspot.com nqgpg.com
2 ip527.com 1 redirects nqgpg.com
2 jdhgg.com 1 redirects nqgpg.com
1 s4.histats.com s10.histats.com
1 s10.histats.com nqgpg.com
1 yingyu3.com nqgpg.com
1 qqlucy.com nqgpg.com
1 www.googletagmanager.com nqgpg.com
106 24

This site contains links to these domains.

Domain
win-iphone.cf
Subject  Issuer  Validity  Valid
*.google-analytics.com  Google Internet Authority G3  2018-10-09 - 2019-01-01  3 months
sni39853.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2018-10-22 - 2019-04-30  6 months
sni206287.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2018-09-25 - 2019-04-03  6 months
sni46282.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2018-10-22 - 2019-04-30  6 months
sni.cloudflaressl.com  CloudFlare Inc ECC CA-2  2018-09-25 - 2019-09-25  a year
sni88359.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2018-10-20 - 2019-04-28  6 months
normalexchange.com  Amazon  2018-01-19 - 2019-02-19  a year
xtracker.pro  Let's Encrypt Authority X3  2018-10-24 - 2019-01-22  3 months
leadtrack.pro  Let's Encrypt Authority X3  2018-10-24 - 2019-01-22  3 months
sni111743.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2018-10-13 - 2019-04-21  6 months
sax.peakonspot.com  COMODO RSA Domain Validation Secure Server CA  2018-03-08 - 2019-03-08  a year
t.co  DigiCert SHA2 Extended Validation Server CA  2016-12-15 - 2018-12-20  2 years

This page contains 98 frames:

Primary Page: http://nqgpg.com/
Frame ID: 2EEEEDCD0C4773649FBCAB956BA75E13
Requests: 9 HTTP requests in this frame

Frame: https://gaosemm.com/ads2.html
Frame ID: B36B1B2FFBB6B1802A795B2B4E7FAAE9
Requests: 1 HTTP requests in this frame

Frame: https://zxiu.info/a.html
Frame ID: 9068C01F778205114BF4CBDCAA024D5C
Requests: 1 HTTP requests in this frame

Frame: https://udking.com/a.html
Frame ID: 26A38ED91B429F3DDB946217AB9475C6
Requests: 1 HTTP requests in this frame

Frame: https://hdstream.xyz/aff.html
Frame ID: 49988F3B27949DAC6D7831240AD532A8
Requests: 1 HTTP requests in this frame

Frame: https://hdstream.xyz/aff2.html
Frame ID: 4F87786B0EC5829DC14981F9D78C9BB8
Requests: 1 HTTP requests in this frame

Frame: https://xvideos-txxx.com/aff2.html
Frame ID: E5D1B7083FDAF09D4F0DD227878D43E5
Requests: 1 HTTP requests in this frame

Frame: https://xvideos-txxx.com/aff.html
Frame ID: C24E59128508F2E712293569A0BFF7CA
Requests: 1 HTTP requests in this frame

Frame: https://baidunet.info/aff.html
Frame ID: A08519B4203E309A08666AD228144C0D
Requests: 1 HTTP requests in this frame

Frame: https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562396-201810-42fd257982&pubid=79125
Frame ID: 6A57E25BC3504365FF3DFDC17A830A66
Requests: 1 HTTP requests in this frame

Frame: https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171597-201810-e1f7a3e0ef&pubid=79125
Frame ID: 801F885DEA36834CC735B0BC73E40EF4
Requests: 1 HTTP requests in this frame

Frame: http://0517lm.com/mv.html
Frame ID: 6011BB36A584A332861EB760F041779E
Requests: 1 HTTP requests in this frame

Frame: https://filepin.co/mv.html
Frame ID: 9B9D1D508074C73CF6CEEACABFBC0B81
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=b94c260&source=default
Frame ID: 2EC08E40036E104E2936D064903E7319
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=b94c260&source=default
Frame ID: 5A00ED0BDA44B74378FCF7C783B5F0B7
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=790f4e&source=default
Frame ID: 5910B76562495D6136A8C003DDC9B48D
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=790f4e&source=default
Frame ID: 04C1498E4434354B1352F3D4BE18E9C3
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=3ef17d&source=blog3
Frame ID: F7C9FA6AE8CBA028D9189DD38FFBAF05
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=3ef17d&source=banner3
Frame ID: 69203E8495FC886110580EE0B3D8E6FD
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=89d958ed2&source=default
Frame ID: 7C40B26C659902104267DFDA37DDC1B1
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=89d958ed2&source=default
Frame ID: F4E38C7C4BB8DE96F79DC36CEBF2EB84
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=214010c&source=default
Frame ID: EBEF377CD237BDFFDF3EA79D88BA7A17
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=214010c&source=default
Frame ID: 3085B8EC410D95139C17468825BFFFF7
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=9c65eeb93&source=default
Frame ID: 7C9CDA97A24AA55AB9E255956BC42ACC
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=9c65eeb93&source=default
Frame ID: 57C143166F66E3854D9C8A41BD1B30A0
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=ac820cdb&source=default
Frame ID: 1A3F7443F0E63BD47EACC08B1745EC57
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=ac820cdb&source=default
Frame ID: 917EB96450FCF572BBDC71F3D05408A7
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=1354b73&source=default
Frame ID: 5A5A53FBF49B404B8C5DB764EC5F36EF
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=1354b73&source=default
Frame ID: 9F9452A134DFE5F77A50CCF32E014831
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=1127d7&source=default
Frame ID: 2166FD6F40E3461ADD09E3FE4E13E207
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=1127d7&source=default
Frame ID: 2F342ED4230825120470B817F768E143
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=e508c3&source=default
Frame ID: F0F0857092DAA5A1A711DC7CC1988B22
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=e508c3&source=default
Frame ID: 4BB2CA775393E6CB1BE9501E9B155EAD
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=6f571e3ab7&source=default
Frame ID: 8AD715FA4B34AED860976C1A51F8F122
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=6f571e3ab7&source=default
Frame ID: 75C5ECF07C390B09BE853D0E2393D25E
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=b6b29b3f&source=default
Frame ID: DFE8516E61194781C8BBD00BE2689D04
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=b6b29b3f&source=default
Frame ID: 004044118BF9DB23C6770761DB2EFA85
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=8471a446&source=default
Frame ID: F11EE329034E105BA3477EFEF95FC3A1
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=8471a446&source=default
Frame ID: 87932FBD670A5C0CA88C06A39FCAE2F3
Requests: 1 HTTP requests in this frame

Frame: https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
Frame ID: B9797CFDB7F74F3BB324FAA85EFA78C0
Requests: 1 HTTP requests in this frame

Frame: https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
Frame ID: 7D5D115224F853F7745B77431E36E7A4
Requests: 1 HTTP requests in this frame

Frame: https://zxiu.info/a.html
Frame ID: 3BD44E7AE1BE9157631AE6C9B31CD828
Requests: 1 HTTP requests in this frame

Frame: https://udking.com/a.html
Frame ID: C9430A93ECEB8BF46F849E484E4889E4
Requests: 1 HTTP requests in this frame

Frame: https://hdstream.xyz/aff.html
Frame ID: C222B72DC929FCEAD385E97B006A3097
Requests: 1 HTTP requests in this frame

Frame: https://hdstream.xyz/aff2.html
Frame ID: 14C082280B5B5C9E9B5F4F51F3C50D49
Requests: 1 HTTP requests in this frame

Frame: https://xvideos-txxx.com/aff2.html
Frame ID: FCD5AF3C29FBFA3F33DFF1AFE61B41BC
Requests: 1 HTTP requests in this frame

Frame: https://xvideos-txxx.com/aff.html
Frame ID: 6FF4294D08422AD844F1891F7A2741E7
Requests: 1 HTTP requests in this frame

Frame: https://baidunet.info/aff.html
Frame ID: 2B7FEF9A04EFEABC804E54BFDD25A853
Requests: 1 HTTP requests in this frame

Frame: http://0517lm.com/mv.html
Frame ID: 58F1704CE3C6B586041FD0867BEFB927
Requests: 1 HTTP requests in this frame

Frame: https://filepin.co/mv.html
Frame ID: F5D9B078FFE10CB0671B7B242074DA06
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=fce6565b7&source=popcash
Frame ID: 8109465C298AFFF91E2FE82E2B4D7BA2
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=fce6565b7&source=propellerads
Frame ID: BC112500BB6631304A6A95CC930C246F
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=36124&source=facebook
Frame ID: DB7EC373F7E7C67BC76A11B61A372F78
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=36124&source=youtube
Frame ID: 0D241B549C6CF37DB2E614AB47D31EB3
Requests: 1 HTTP requests in this frame

Frame: https://zxiu.info/pin.html
Frame ID: 61A25193BB82170057F1288E6BC3DC1B
Requests: 1 HTTP requests in this frame

Frame: https://jdhgg.com/pin.html
Frame ID: 749FCAC8A6D06308EA803FF2F0FFF8F2
Requests: 1 HTTP requests in this frame

Frame: https://udking.com/pin.html
Frame ID: F81AB40EC8AE5F40AD45B2498354DBE8
Requests: 1 HTTP requests in this frame

Frame: http://qqlucy.com/pin.php
Frame ID: 2EB9074755C1471B91729F228FDF242E
Requests: 1 HTTP requests in this frame

Frame: http://yingyu3.com/pin2.php
Frame ID: 58806FD13321A111D54010785946F6DF
Requests: 1 HTTP requests in this frame

Frame: https://ip527.com/pin2.html
Frame ID: 1ADD34AC5CE57B5A30A04DE94A7E9521
Requests: 1 HTTP requests in this frame

Frame: https://gaosemm.com/pin.html
Frame ID: 17492422D3FB8D73F6FE92D2DFC33BB1
Requests: 1 HTTP requests in this frame

Frame: https://sax.peakonspot.com/dep.php?pid=7384&subid={SUBID}
Frame ID: 53BE8DFA01365B6AB4C2072DB348075E
Requests: 1 HTTP requests in this frame

Frame: https://sax.peakonspot.com/dep.php?pid=6943&subid={SUBID}
Frame ID: 3AC2F4F9B20DFCF1A15E49EC790395D3
Requests: 1 HTTP requests in this frame

Frame: https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
Frame ID: 8D01F8DBE07B41509D27C21CA2BB2858
Requests: 1 HTTP requests in this frame

Frame: https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
Frame ID: F818D04B3B1E052240B4BABEF647737B
Requests: 1 HTTP requests in this frame

Frame: http://0517lm.com/mv.html
Frame ID: 023428625D20FED94477F8ED035E4AD6
Requests: 1 HTTP requests in this frame

Frame: https://filepin.co/mv.html
Frame ID: FF988A893886F0F13463C65DBF362867
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=b94c260&source=default
Frame ID: 167C85C8EEEEC723B81AF985D6F3A36D
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=b94c260&source=default
Frame ID: F28151B2AE2FC5E9510C8B9CA1164A3B
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=790f4e&source=default
Frame ID: A6A6D8F7197CBF75209484A56E77FC4A
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=790f4e&source=default
Frame ID: 574E96DE8186A3AEDD7ECFEC1DF48D80
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=3ef17d&source=blog3
Frame ID: C770B2A77505F310DF3880B5AD0E4A97
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=3ef17d&source=banner3
Frame ID: 3F305E4BA0CF388D2C2FE443222F9B16
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=89d958ed2&source=default
Frame ID: 45D0ADC404186CAB053974AC2D77BAC2
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=89d958ed2&source=default
Frame ID: BBA38118573E5A812EBF6493AD76E531
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=214010c&source=default
Frame ID: D3FF4BC358C8B16D45AC652D555EAE63
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=214010c&source=default
Frame ID: 0100E5F0D31DA134ECBECCE958D6859B
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=9c65eeb93&source=default
Frame ID: 255768BED1A7DE1AF4DB9A19D6E2DDD5
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=9c65eeb93&source=default
Frame ID: B86529C524B615CEBA24EFA86D22CB14
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=ac820cdb&source=default
Frame ID: AB1B9E9374031C28075A05901D288E3B
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=ac820cdb&source=default
Frame ID: 3DA1FCD459C80EFB66D7AEE2C0ED36CC
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=1354b73&source=default
Frame ID: 4CF493D74EED02DBE121189EA3F3A85D
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=1354b73&source=default
Frame ID: 7F0B5CF5E579DEDC24161EEE130D37BE
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=1127d7&source=default
Frame ID: E92344088F006B31538C23C37CE40A86
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=1127d7&source=default
Frame ID: 46B9E61EA9C180A53162455673665F8B
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=e508c3&source=default
Frame ID: BAEDD0024E356052B33216859771FA4A
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=e508c3&source=default
Frame ID: 16884B30EC7EA880248AEEBA64C7130D
Requests: 1 HTTP requests in this frame

Frame: https://leadtrack.pro/?aff=m&id=6f571e3ab7&source=default
Frame ID: 290E097D97E1BFC7ED96DD7FDAA7A4F2
Requests: 1 HTTP requests in this frame

Frame: https://xtracker.pro/?aff=a&id=6f571e3ab7&source=default
Frame ID: CC0E413CBCD7FEDFEAD8C99AF293DC47
Requests: 1 HTTP requests in this frame

Frame: https://zxiu.info/a.html
Frame ID: 5E04A3645F8567954D28BB58032076BA
Requests: 1 HTTP requests in this frame

Frame: https://udking.com/a.html
Frame ID: 115D3F4B82EEB0E50CE6CC8176DBAEF6
Requests: 1 HTTP requests in this frame

Frame: https://hdstream.xyz/aff.html
Frame ID: D8F59FD3A5CCAF28A4273720BBAB756E
Requests: 1 HTTP requests in this frame

Frame: https://hdstream.xyz/aff2.html
Frame ID: BA1984D61DC3446FE1CEB4C381D423E3
Requests: 1 HTTP requests in this frame

Frame: https://xvideos-txxx.com/aff2.html
Frame ID: 57E6930BC6F9A56DF63CA74E193045F2
Requests: 1 HTTP requests in this frame

Frame: https://xvideos-txxx.com/aff.html
Frame ID: 9FFF52175EEEE26179C10AAB6C728D79
Requests: 1 HTTP requests in this frame

Frame: https://baidunet.info/aff.html
Frame ID: EA33BA2903EAA8CE7C6A8373B530F73B
Requests: 1 HTTP requests in this frame

Frame: https://t.co/VPnY85KSCb
Frame ID: 4385D25C09A1C699A704268DF4C9F701
Requests: 1 HTTP requests in this frame

Frame: https://t.co/jYoPJ3dquT
Frame ID: F4E755FB4BEF770C4FAA979908490A9F
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

106
Requests

90 %
HTTPS

65 %
IPv6

23
Domains

24
Subdomains

22
IPs

6
Countries

84 kB
Transfer

192 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://gaosemm.com/ads2.html HTTP 301
  • https://gaosemm.com/ads2.html
Request Chain 11
  • http://baidunet.info/aff.html HTTP 301
  • https://baidunet.info/aff.html
Request Chain 12
  • https://www.videos4men.com/?sl=3636405-c1a1b&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} HTTP 302
  • https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562396-201810-42fd257982&pubid=79125
Request Chain 13
  • https://www.topappformobile.com/?sl=3636406-633a6&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} HTTP 302
  • https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171597-201810-e1f7a3e0ef&pubid=79125
Request Chain 15
  • http://filepin.co/mv.html HTTP 301
  • https://filepin.co/mv.html
Request Chain 42
  • https://www.videos4men.com/?sl=3636405-c1a1b&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} HTTP 302
  • https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
Request Chain 43
  • https://www.topappformobile.com/?sl=3636406-633a6&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} HTTP 302
  • https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
Request Chain 50
  • http://baidunet.info/aff.html HTTP 301
  • https://baidunet.info/aff.html
Request Chain 52
  • http://filepin.co/mv.html HTTP 301
  • https://filepin.co/mv.html
Request Chain 57
  • http://zxiu.info/pin.html HTTP 301
  • https://zxiu.info/pin.html
Request Chain 58
  • http://jdhgg.com/pin.html HTTP 301
  • https://jdhgg.com/pin.html
Request Chain 59
  • http://udking.com/pin.html HTTP 301
  • https://udking.com/pin.html
Request Chain 62
  • http://ip527.com/pin2.html HTTP 301
  • https://ip527.com/pin2.html
Request Chain 67
  • https://www.videos4men.com/?sl=3636405-c1a1b&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} HTTP 302
  • https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
Request Chain 68
  • https://www.topappformobile.com/?sl=3636406-633a6&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} HTTP 302
  • https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
Request Chain 70
  • http://filepin.co/mv.html HTTP 301
  • https://filepin.co/mv.html
Request Chain 99
  • http://baidunet.info/aff.html HTTP 301
  • https://baidunet.info/aff.html

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nqgpg.com/
29 KB
4 KB
Document

Request headers

Host
nqgpg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Sat, 27 Oct 2018 16:49:16 GMT
Content-Type
text/html
Last-Modified
Thu, 25 Oct 2018 17:08:26 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5bd1f88a-7356"
Content-Encoding
gzip
style.css
nqgpg.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
http://nqgpg.com/css/style.css
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
51.15.128.218 , France, ASN12876 (AS12876, FR),
Reverse DNS
218-128-15-51.rev.cloud.scaleway.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a5fdf9d5c06333cd14f8875c2bd676502fb53f2dc7f1d961895b4e04b097cdf6

Request headers

Accept
text/css,*/*;q=0.1
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
nqgpg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache

Response headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Last-Modified
Thu, 18 Oct 2018 01:13:28 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5bc7de38-4b5"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1205
icon.png
nqgpg.com/img/
9 KB
9 KB
Image
General
Full URL
http://nqgpg.com/img/icon.png
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
51.15.128.218 , France, ASN12876 (AS12876, FR),
Reverse DNS
218-128-15-51.rev.cloud.scaleway.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c6a5f6cc64b24c31747e77a701b8b477b12cdd5c92d17cd4d827253269f85adf

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
nqgpg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache

Response headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Last-Modified
Thu, 18 Oct 2018 01:13:28 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5bc7de38-2254"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8788
image1.png
nqgpg.com/img/
19 KB
19 KB
Image
General
Full URL
http://nqgpg.com/img/image1.png
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
51.15.128.218 , France, ASN12876 (AS12876, FR),
Reverse DNS
218-128-15-51.rev.cloud.scaleway.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1e1d5b9f5df570cf14a4ca8291dfd99ddac4b216e95e48c17841949dd8a76935

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
nqgpg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache

Response headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Last-Modified
Thu, 18 Oct 2018 01:13:28 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5bc7de38-4c6f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19567
js
www.googletagmanager.com/gtag/
81 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-79512096-1
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
2f5ba93ce5211faf28d20b26ef1eec7c4af6d9de4c7550917a7a11f1bbebb260
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 27 Oct 2018 16:49:16 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
29675
x-xss-protection
1; mode=block
expires
Sat, 27 Oct 2018 16:49:16 GMT
ads2.html
gaosemm.com/ Frame B36B
Redirect Chain
  • http://gaosemm.com/ads2.html
  • https://gaosemm.com/ads2.html
0
0
Document
General
Full URL
https://gaosemm.com/ads2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6818:78f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
gaosemm.com
:scheme
https
:path
/ads2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=df28c5960c54754a6cb944cc4369a4e031540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.gaosemm.com; HttpOnly; Secure
last-modified
Sun, 07 Oct 2018 07:36:46 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae5c53bf11-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://gaosemm.com/ads2.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7ada567635b-FRA
a.html
zxiu.info/ Frame 9068
0
0
Document
General
Full URL
https://zxiu.info/a.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2d32 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
zxiu.info
:scheme
https
:path
/a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d6ab1bc5b17e511d858c6cbe5701dcfec1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.zxiu.info; HttpOnly; Secure
last-modified
Mon, 23 Jul 2018 23:41:46 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae0a2664db-FRA
content-encoding
gzip
a.html
udking.com/ Frame 26A3
0
0
Document
General
Full URL
https://udking.com/a.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4d62 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
udking.com
:scheme
https
:path
/a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d933fa2281f7af4324183caa536f72a451540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.udking.com; HttpOnly; Secure
last-modified
Sat, 14 Jul 2018 12:15:49 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae1e4e63f1-FRA
content-encoding
gzip
aff.html
hdstream.xyz/ Frame 4998
0
0
Document
General
Full URL
https://hdstream.xyz/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:506f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
hdstream.xyz
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d0d1ab2f3c047f1dbe4880dc6db690f7e1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.hdstream.xyz; HttpOnly; Secure
last-modified
Thu, 13 Sep 2018 15:45:04 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae3895274a-FRA
content-encoding
gzip
aff2.html
hdstream.xyz/ Frame 4F87
0
0
Document
General
Full URL
https://hdstream.xyz/aff2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:506f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
hdstream.xyz
:scheme
https
:path
/aff2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d0d1ab2f3c047f1dbe4880dc6db690f7e1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.hdstream.xyz; HttpOnly; Secure
last-modified
Thu, 13 Sep 2018 15:46:01 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae3896274a-FRA
content-encoding
gzip
aff2.html
xvideos-txxx.com/ Frame E5D1
0
0
Document
General
Full URL
https://xvideos-txxx.com/aff2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3fb7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xvideos-txxx.com
:scheme
https
:path
/aff2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d8667cf9242c2f6c06a479aa7eed3d30f1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.xvideos-txxx.com; HttpOnly
last-modified
Fri, 28 Sep 2018 22:53:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae2b2fc283-FRA
content-encoding
gzip
aff.html
xvideos-txxx.com/ Frame C24E
0
0
Document
General
Full URL
https://xvideos-txxx.com/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3fb7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xvideos-txxx.com
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d8667cf9242c2f6c06a479aa7eed3d30f1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.xvideos-txxx.com; HttpOnly
last-modified
Fri, 28 Sep 2018 22:52:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae2b32c283-FRA
content-encoding
gzip
aff.html
baidunet.info/ Frame A085
Redirect Chain
  • http://baidunet.info/aff.html
  • https://baidunet.info/aff.html
0
0
Document
General
Full URL
https://baidunet.info/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6818:6ed5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
baidunet.info
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d30d4c22a6bf4b156bb639f4cd2581ef31540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.baidunet.info; HttpOnly; Secure
last-modified
Fri, 19 Oct 2018 05:36:46 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae8b6ec2fb-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://baidunet.info/aff.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7ae019f977a-FRA
1e289258-e09c-11e5-bea8-021988c520a1
normalexchange.com/c/ Frame 6A57
Redirect Chain
  • https://www.videos4men.com/?sl=3636405-c1a1b&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
  • https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562396-201810-42fd257982&pubid=79125
0
0
Document
General
Full URL
https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562396-201810-42fd257982&pubid=79125
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.162 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-162.fra54.r.cloudfront.net
Software
nginx / React/alpha
Resource Hash

Request headers

:method
GET
:authority
normalexchange.com
:scheme
https
:path
/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562396-201810-42fd257982&pubid=79125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
content-length
12403
date
Sat, 27 Oct 2018 16:49:16 GMT
server
nginx
cache-control
no-cache
set-cookie
_s=3dc4cb9c-da08-11e8-a7ff-0142de9315cb; Path=/; Expires=Tue, 06-Nov-2018 16:49:16 GMT; HttpOnly
x-powered-by
React/alpha
x-cache
Miss from cloudfront
via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
x-amz-cf-id
ugTjKhcGRSCv4A7zYFSyLYw4fgF_VRJKDfu-ImRvrR29nTXLLTz3wQ==

Redirect headers

status
302
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
location
https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562396-201810-42fd257982&pubid=79125
set-cookie
AWSALB=8ng6o1HprCjUsnQFdMKLF7Bvgt0iTujYK7Fk+cPvEyd8DrRCM6fq0fS0qjtQ0aN+LpVTU7gnTbxNvNhbl5op2zAT8eIyfrmT28TDhrljj8kn/s2v9NPmSGVGTq5d; Expires=Sat, 03 Nov 2018 16:49:16 GMT; Path=/ vidf=czo2NDoiOWQ4MDg1MTVkOTUwZmUyMDI5YjMwYTcwNjFjOWJiOTIyNTU3ZGMwNWY5ZTYzNmY1MmRhMzViZGFjNGU1NDM4NCI7; expires=Fri, 25-Jan-2019 17:49:16 GMT; Max-Age=7779600; path=/; domain=www.videos4men.com vt=849433-1540658956; expires=Sun, 28-Oct-2018 16:49:16 GMT; Max-Age=86400; path=/; domain=videos4men.com _s=3636405; expires=Sun, 28-Oct-2018 16:49:16 GMT; Max-Age=86400; path=/; domain=videos4men.com rd=YjoxOw%3D%3D; expires=Sun, 28-Oct-2018 17:49:16 GMT; Max-Age=90000; path=/; domain=www.videos4men.com
server
nginx
referrer-policy
no-referrer
4056434f-952a-11e5-b565-02f6361de079
normalexchange.com/c/ Frame 801F
Redirect Chain
  • https://www.topappformobile.com/?sl=3636406-633a6&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
  • https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171597-201810-e1f7a3e0ef&pubid=79125
0
0
Document
General
Full URL
https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171597-201810-e1f7a3e0ef&pubid=79125
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.162 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-162.fra54.r.cloudfront.net
Software
nginx / React/alpha
Resource Hash

Request headers

:method
GET
:authority
normalexchange.com
:scheme
https
:path
/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171597-201810-e1f7a3e0ef&pubid=79125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
content-length
12403
date
Sat, 27 Oct 2018 16:49:16 GMT
server
nginx
cache-control
no-cache
set-cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35; Path=/; Expires=Tue, 06-Nov-2018 16:49:16 GMT; HttpOnly
x-powered-by
React/alpha
x-cache
Miss from cloudfront
via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
x-amz-cf-id
KCTNnUGEavS6eaSNBjn4kEJS8XLm1kfOW61TESy2MBNHcn7u-pMK6Q==

Redirect headers

status
302
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
location
https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171597-201810-e1f7a3e0ef&pubid=79125
set-cookie
AWSALB=1ZmIysDW9scOc2BwsJJ2n29ByEd/I/11y92YnIVzWJ82gQaMYDtlpZiKBs+8bQp/uqNAS1P8Sve3HD/CQmgFIkrsk2JKIZH/JlPyTA/s3WkmsvXT1h4wrwUfn1X7; Expires=Sat, 03 Nov 2018 16:49:16 GMT; Path=/ vidf=czo2NDoiMmI4MDA5NTBhYTIwMzU0MjU3NTE0NTIzYjNjMWFmZjA1MjBjNGQxODI3MjU0ZWJjZDRlNmNhN2YwZGJlZjlkMCI7; expires=Fri, 25-Jan-2019 17:49:16 GMT; Max-Age=7779600; path=/; domain=www.topappformobile.com vt=170062-1540658956; expires=Sun, 28-Oct-2018 16:49:16 GMT; Max-Age=86400; path=/; domain=topappformobile.com _s=3636406; expires=Sun, 28-Oct-2018 16:49:16 GMT; Max-Age=86400; path=/; domain=topappformobile.com rd=YjoxOw%3D%3D; expires=Sun, 28-Oct-2018 17:49:16 GMT; Max-Age=90000; path=/; domain=www.topappformobile.com
server
nginx
referrer-policy
no-referrer
Cookie set mv.html
0517lm.com/ Frame 6011
0
0
Document
General
Full URL
http://0517lm.com/mv.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:8ad1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Host
0517lm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dfa8dc107f7f2055c4e5a730c840113671540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.0517lm.com; HttpOnly
Last-Modified
Sat, 07 Jul 2018 16:12:01 GMT
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Server
cloudflare
CF-RAY
4706a7ae13c6c2fb-FRA
Content-Encoding
gzip
mv.html
filepin.co/ Frame 9B9D
Redirect Chain
  • http://filepin.co/mv.html
  • https://filepin.co/mv.html
0
0
Document
General
Full URL
https://filepin.co/mv.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2b9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
filepin.co
:scheme
https
:path
/mv.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d8b65a24207732ef32d976da87ada00771540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.filepin.co; HttpOnly; Secure
last-modified
Sat, 07 Jul 2018 16:13:47 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7ae8ddf9798-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://filepin.co/mv.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7ae304bc279-FRA
/
xtracker.pro/ Frame 2EC0
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=b94c260&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=b94c260&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 5A00
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=b94c260&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=b94c260&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 5910
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=790f4e&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=790f4e&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 04C1
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=790f4e&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=790f4e&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame F7C9
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=3ef17d&source=blog3
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=3ef17d&source=blog3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 6920
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=3ef17d&source=banner3
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=3ef17d&source=banner3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 7C40
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=89d958ed2&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=89d958ed2&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame F4E3
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=89d958ed2&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=89d958ed2&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame EBEF
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=214010c&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=214010c&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 3085
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=214010c&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=214010c&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 7C9C
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=9c65eeb93&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=9c65eeb93&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 57C1
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=9c65eeb93&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=9c65eeb93&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 1A3F
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=ac820cdb&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=ac820cdb&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 917E
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=ac820cdb&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=ac820cdb&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 5A5A
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=1354b73&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=1354b73&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 9F94
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=1354b73&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=1354b73&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 2166
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=1127d7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=1127d7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 2F34
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=1127d7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=1127d7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame F0F0
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=e508c3&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=e508c3&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 4BB2
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=e508c3&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=e508c3&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 8AD7
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=6f571e3ab7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=6f571e3ab7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 75C5
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=6f571e3ab7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=6f571e3ab7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame DFE8
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=b6b29b3f&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=b6b29b3f&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 0040
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=b6b29b3f&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=b6b29b3f&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame F11E
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=8471a446&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=8471a446&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 8793
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=8471a446&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=8471a446&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
1e289258-e09c-11e5-bea8-021988c520a1
normalexchange.com/c/ Frame B979
Redirect Chain
  • https://www.videos4men.com/?sl=3636405-c1a1b&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
  • https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
0
0
Document
General
Full URL
https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.162 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-162.fra54.r.cloudfront.net
Software
nginx / React/alpha
Resource Hash

Request headers

:method
GET
:authority
normalexchange.com
:scheme
https
:path
/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-length
12403
date
Sat, 27 Oct 2018 16:49:16 GMT
server
nginx
cache-control
no-cache
set-cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35; Path=/; Expires=Tue, 06-Nov-2018 16:49:16 GMT; HttpOnly
x-powered-by
React/alpha
x-cache
Miss from cloudfront
via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
x-amz-cf-id
LQIG7LTNP8w_bpU2weuOKdKFvLhvM_WqO0jwM3v9KAMJFZoo2i6tnQ==

Redirect headers

status
302
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
location
https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
set-cookie
AWSALB=tLwYn8sHprtoBeDRA21+01ItwpdelVrvReLFAM5PKG7/2pN1h7FA2vPUhX1v95aofZsCS+vI7CTNPBsfxcSJ0uIoSdlyAopsX+LaUB/IClpAAxXuUIJxBn5AxDXb; Expires=Sat, 03 Nov 2018 16:49:16 GMT; Path=/ rd=YjoxOw%3D%3D; expires=Sun, 28-Oct-2018 17:49:16 GMT; Max-Age=90000; path=/; domain=www.videos4men.com
server
nginx
referrer-policy
no-referrer
4056434f-952a-11e5-b565-02f6361de079
normalexchange.com/c/ Frame 7D5D
Redirect Chain
  • https://www.topappformobile.com/?sl=3636406-633a6&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
  • https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
0
0
Document
General
Full URL
https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.162 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-162.fra54.r.cloudfront.net
Software
nginx / React/alpha
Resource Hash

Request headers

:method
GET
:authority
normalexchange.com
:scheme
https
:path
/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-length
12403
date
Sat, 27 Oct 2018 16:49:16 GMT
server
nginx
cache-control
no-cache
set-cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35; Path=/; Expires=Tue, 06-Nov-2018 16:49:16 GMT; HttpOnly
x-powered-by
React/alpha
x-cache
Miss from cloudfront
via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
x-amz-cf-id
by5UsKwrKyTN4wWgPETVQqVRUlCpFgL1znKY9nZN5b6GQNnHDXgQvg==

Redirect headers

status
302
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
location
https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
set-cookie
AWSALB=NdhT++t1a+Qja4QMzWjKJvrpc/Y9YWDcMWEyMS0jZ5Y/zanVqUC12+f/gRyIa1nDHngFANg6Gkps2UYW1FjgnBczjklKYATBWPfEXn0oHVvf/qnm2cLA4ODusiO0; Expires=Sat, 03 Nov 2018 16:49:16 GMT; Path=/ rd=YjoxOw%3D%3D; expires=Sun, 28-Oct-2018 17:49:16 GMT; Max-Age=90000; path=/; domain=www.topappformobile.com
server
nginx
referrer-policy
no-referrer
a.html
zxiu.info/ Frame 3BD4
0
0
Document
General
Full URL
https://zxiu.info/a.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2d32 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
zxiu.info
:scheme
https
:path
/a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d6ab1bc5b17e511d858c6cbe5701dcfec1540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
last-modified
Mon, 23 Jul 2018 23:41:46 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7aecab264db-FRA
content-encoding
gzip
a.html
udking.com/ Frame C943
0
0
Document
General
Full URL
https://udking.com/a.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4d62 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
udking.com
:scheme
https
:path
/a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d933fa2281f7af4324183caa536f72a451540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
last-modified
Sat, 14 Jul 2018 12:15:49 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7aecf0263f1-FRA
content-encoding
gzip
aff.html
hdstream.xyz/ Frame C222
0
0
Document
General
Full URL
https://hdstream.xyz/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:506f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
hdstream.xyz
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d0d1ab2f3c047f1dbe4880dc6db690f7e1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.hdstream.xyz; HttpOnly; Secure
last-modified
Thu, 13 Sep 2018 15:45:04 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7af0946274a-FRA
content-encoding
gzip
aff2.html
hdstream.xyz/ Frame 14C0
0
0
Document
General
Full URL
https://hdstream.xyz/aff2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:506f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
hdstream.xyz
:scheme
https
:path
/aff2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
set-cookie
__cfduid=d0d1ab2f3c047f1dbe4880dc6db690f7e1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.hdstream.xyz; HttpOnly; Secure
last-modified
Thu, 13 Sep 2018 15:46:01 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7af0947274a-FRA
content-encoding
gzip
aff2.html
xvideos-txxx.com/ Frame FCD5
0
0
Document
General
Full URL
https://xvideos-txxx.com/aff2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3fb7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xvideos-txxx.com
:scheme
https
:path
/aff2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
set-cookie
__cfduid=d8667cf9242c2f6c06a479aa7eed3d30f1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.xvideos-txxx.com; HttpOnly
last-modified
Fri, 28 Sep 2018 22:53:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7af1d6fc283-FRA
content-encoding
gzip
aff.html
xvideos-txxx.com/ Frame 6FF4
0
0
Document
General
Full URL
https://xvideos-txxx.com/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3fb7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xvideos-txxx.com
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
set-cookie
__cfduid=d8667cf9242c2f6c06a479aa7eed3d30f1540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.xvideos-txxx.com; HttpOnly
last-modified
Fri, 28 Sep 2018 22:52:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7af1d71c283-FRA
content-encoding
gzip
aff.html
baidunet.info/ Frame 2B7F
Redirect Chain
  • http://baidunet.info/aff.html
  • https://baidunet.info/aff.html
0
0
Document
General
Full URL
https://baidunet.info/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6818:6ed5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
baidunet.info
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
set-cookie
__cfduid=d30d4c22a6bf4b156bb639f4cd2581ef31540658956; expires=Sun, 27-Oct-19 16:49:16 GMT; path=/; domain=.baidunet.info; HttpOnly; Secure
last-modified
Fri, 19 Oct 2018 05:36:46 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b0b916c2fb-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://baidunet.info/aff.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7af11ff977a-FRA
mv.html
0517lm.com/ Frame 58F1
0
0
Document
General
Full URL
http://0517lm.com/mv.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:8ad1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Host
0517lm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
__cfduid=dfa8dc107f7f2055c4e5a730c840113671540658956

Response headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Sat, 07 Jul 2018 16:12:01 GMT
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Server
cloudflare
CF-RAY
4706a7af249ec2fb-FRA
Content-Encoding
gzip
mv.html
filepin.co/ Frame F5D9
Redirect Chain
  • http://filepin.co/mv.html
  • https://filepin.co/mv.html
0
0
Document
General
Full URL
https://filepin.co/mv.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2b9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
filepin.co
:scheme
https
:path
/mv.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d8b65a24207732ef32d976da87ada00771540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html
last-modified
Sat, 07 Jul 2018 16:13:47 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b0d89c9798-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://filepin.co/mv.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7af3161c279-FRA
/
xtracker.pro/ Frame 8109
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=fce6565b7&source=popcash
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=fce6565b7&source=popcash
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame BC11
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=fce6565b7&source=propellerads
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=fce6565b7&source=propellerads
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame DB7E
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=36124&source=facebook
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=36124&source=facebook
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 0D24
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=36124&source=youtube
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=36124&source=youtube
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
pin.html
zxiu.info/ Frame 61A2
Redirect Chain
  • http://zxiu.info/pin.html
  • https://zxiu.info/pin.html
0
0
Document
General
Full URL
https://zxiu.info/pin.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2d32 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
zxiu.info
:scheme
https
:path
/pin.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d6ab1bc5b17e511d858c6cbe5701dcfec1540658956

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
last-modified
Sat, 07 Jul 2018 16:18:12 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b15c6864db-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://zxiu.info/pin.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7b1011dbec6-FRA
pin.html
jdhgg.com/ Frame 749F
Redirect Chain
  • http://jdhgg.com/pin.html
  • https://jdhgg.com/pin.html
0
0
Document
General
Full URL
https://jdhgg.com/pin.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3b6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
jdhgg.com
:scheme
https
:path
/pin.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
set-cookie
__cfduid=d353a051d99c90e387dc02ac60715fd021540658957; expires=Sun, 27-Oct-19 16:49:17 GMT; path=/; domain=.jdhgg.com; HttpOnly; Secure
last-modified
Sat, 07 Jul 2018 16:14:31 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b2bc3c97a4-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:17 GMT
Location
https://jdhgg.com/pin.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7b14201c2f6-FRA
pin.html
udking.com/ Frame F81A
Redirect Chain
  • http://udking.com/pin.html
  • https://udking.com/pin.html
0
0
Document
General
Full URL
https://udking.com/pin.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4d62 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
udking.com
:scheme
https
:path
/pin.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d933fa2281f7af4324183caa536f72a451540658956

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
last-modified
Tue, 26 Jun 2018 08:01:11 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b1592163f1-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:16 GMT
Location
https://udking.com/pin.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7b12355c279-FRA
pin.php
qqlucy.com/ Frame 2EB9
0
0
Document
General
Full URL
http://qqlucy.com/pin.php
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
93.179.121.5 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software
nginx/1.6.2 / PHP/5.4.23
Resource Hash

Request headers

Host
qqlucy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.6.2
Date
Sat, 27 Oct 2018 16:48:21 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.23
Content-Encoding
gzip
Cookie set pin2.php
yingyu3.com/ Frame 5880
0
0
Document
General
Full URL
http://yingyu3.com/pin2.php
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:99ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Host
yingyu3.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Sat, 27 Oct 2018 16:49:17 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2a7ebaf3488d3fc062a650860fd2e46c1540658957; expires=Sun, 27-Oct-19 16:49:17 GMT; path=/; domain=.yingyu3.com; HttpOnly
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Server
cloudflare
CF-RAY
4706a7b153d69750-FRA
Content-Encoding
gzip
pin2.html
ip527.com/ Frame 1ADD
Redirect Chain
  • http://ip527.com/pin2.html
  • https://ip527.com/pin2.html
0
0
Document
General
Full URL
https://ip527.com/pin2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:af7f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
ip527.com
:scheme
https
:path
/pin2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
set-cookie
__cfduid=dbba4a6991752dc939af5309b3bf9581b1540658957; expires=Sun, 27-Oct-19 16:49:17 GMT; path=/; domain=.ip527.com; HttpOnly; Secure
last-modified
Sat, 07 Jul 2018 16:14:11 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b33fe4978c-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:17 GMT
Location
https://ip527.com/pin2.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7b191106493-FRA
pin.html
gaosemm.com/ Frame 1749
0
0
Document
General
Full URL
https://gaosemm.com/pin.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6818:78f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
gaosemm.com
:scheme
https
:path
/pin.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=df28c5960c54754a6cb944cc4369a4e031540658956

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
last-modified
Wed, 10 Oct 2018 16:27:53 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b15f91bf11-FRA
content-encoding
gzip
Cookie set dep.php
sax.peakonspot.com/ Frame 53BE
0
0
Document
General
Full URL
https://sax.peakonspot.com/dep.php?pid=7384&subid={SUBID}
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.18.227 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-22-18-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
sax.peakonspot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Oct 2018 16:49:17 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
nginx
Set-Cookie
uuid=15406589575417412915267051; expires=Mon, 26-Nov-2018 16:49:17 GMT; Max-Age=2592000
Content-Length
42
Connection
keep-alive
Cookie set dep.php
sax.peakonspot.com/ Frame 3AC2
0
0
Document
General
Full URL
https://sax.peakonspot.com/dep.php?pid=6943&subid={SUBID}
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.18.227 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-22-18-227.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
sax.peakonspot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Oct 2018 16:49:17 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
nginx
Set-Cookie
uuid=15406589578041669921018184; expires=Mon, 26-Nov-2018 16:49:17 GMT; Max-Age=2592000
Content-Length
42
Connection
keep-alive
js15_as.js
s10.histats.com/
10 KB
4 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 27 Oct 2018 16:39:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 15:26:33 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"1262556565"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4761
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4243
1e289258-e09c-11e5-bea8-021988c520a1
normalexchange.com/c/ Frame 8D01
Redirect Chain
  • https://www.videos4men.com/?sl=3636405-c1a1b&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
  • https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
0
0
Document
General
Full URL
https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.162 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-162.fra54.r.cloudfront.net
Software
nginx / React/alpha
Resource Hash

Request headers

:method
GET
:authority
normalexchange.com
:scheme
https
:path
/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35

Response headers

status
200
content-length
12403
date
Sat, 27 Oct 2018 16:49:17 GMT
server
nginx
cache-control
no-cache
set-cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35; Path=/; Expires=Tue, 06-Nov-2018 16:49:17 GMT; HttpOnly
x-powered-by
React/alpha
x-cache
Miss from cloudfront
via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
x-amz-cf-id
gYNBRo63NKoscPWVt7XeEHhvABXisnMcERzPQgGERcWU6EeBbB7duQ==

Redirect headers

status
302
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
location
https://normalexchange.com/c/1e289258-e09c-11e5-bea8-021988c520a1?clickid=9024800101373562431-201810-cfed441d81&pubid=79125
set-cookie
AWSALB=jCoG4aKmJB3iIQDS0Fj4uSyOOm9nBiAOCR5HbooqoQf8lC71M+rD+oPB0SjlFHLCJM/wjwVXaH+E4apMOUuytM4Jnw2WtRpiRrgNDP+LPeDqC5HgRyJRab0yf503; Expires=Sat, 03 Nov 2018 16:49:17 GMT; Path=/ rd=YjoxOw%3D%3D; expires=Sun, 28-Oct-2018 17:49:16 GMT; Max-Age=90000; path=/; domain=www.videos4men.com
server
nginx
referrer-policy
no-referrer
4056434f-952a-11e5-b565-02f6361de079
normalexchange.com/c/ Frame F818
Redirect Chain
  • https://www.topappformobile.com/?sl=3636406-633a6&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
  • https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
0
0
Document
General
Full URL
https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.162 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-162.fra54.r.cloudfront.net
Software
nginx / React/alpha
Resource Hash

Request headers

:method
GET
:authority
normalexchange.com
:scheme
https
:path
/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35

Response headers

status
200
content-length
12403
date
Sat, 27 Oct 2018 16:49:17 GMT
server
nginx
cache-control
no-cache
set-cookie
_s=3dc51688-da08-11e8-8b54-0142ea749f35; Path=/; Expires=Tue, 06-Nov-2018 16:49:17 GMT; HttpOnly
x-powered-by
React/alpha
x-cache
Miss from cloudfront
via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
x-amz-cf-id
dHG2zZf37V6yjdtefRXlrhFC4jnf-WCDZYBw69lVEQ1xifI_MUF4AA==

Redirect headers

status
302
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
location
https://normalexchange.com/c/4056434f-952a-11e5-b565-02f6361de079?clickid=9005500101262171625-201810-6191247855&pubid=79125
set-cookie
AWSALB=76EsU2xydTKTZHm76qr/W08B55wZYFcSt+9k8hhDbKeOBVnAFWd8pX5snq8yNGy23JbC/xS/3pt5YtT6c62YHbvpygmqODDR7eDN2KFLlSJfDvQ9qL282OM7nBsg; Expires=Sat, 03 Nov 2018 16:49:17 GMT; Path=/ rd=YjoxOw%3D%3D; expires=Sun, 28-Oct-2018 17:49:16 GMT; Max-Age=90000; path=/; domain=www.topappformobile.com
server
nginx
referrer-policy
no-referrer
mv.html
0517lm.com/ Frame 0234
0
0
Document
General
Full URL
http://0517lm.com/mv.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:8ad1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Host
0517lm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
__cfduid=dfa8dc107f7f2055c4e5a730c840113671540658956

Response headers

Date
Sat, 27 Oct 2018 16:49:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Sat, 07 Jul 2018 16:12:01 GMT
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Server
cloudflare
CF-RAY
4706a7b2e7f6c2fb-FRA
Content-Encoding
gzip
mv.html
filepin.co/ Frame FF98
Redirect Chain
  • http://filepin.co/mv.html
  • https://filepin.co/mv.html
0
0
Document
General
Full URL
https://filepin.co/mv.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2b9a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
filepin.co
:scheme
https
:path
/mv.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d8b65a24207732ef32d976da87ada00771540658956

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
last-modified
Sat, 07 Jul 2018 16:13:47 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b36bf39798-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:17 GMT
Location
https://filepin.co/mv.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7b30544c279-FRA
/
xtracker.pro/ Frame 167C
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=b94c260&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=b94c260&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame F281
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=b94c260&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=b94c260&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame A6A6
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=790f4e&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=790f4e&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 574E
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=790f4e&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=790f4e&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame C770
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=3ef17d&source=blog3
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=3ef17d&source=blog3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 3F30
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=3ef17d&source=banner3
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=3ef17d&source=banner3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 45D0
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=89d958ed2&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=89d958ed2&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame BBA3
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=89d958ed2&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=89d958ed2&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame D3FF
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=214010c&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=214010c&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 0100
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=214010c&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=214010c&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 2557
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=9c65eeb93&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=9c65eeb93&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame B865
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=9c65eeb93&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=9c65eeb93&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame AB1B
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=ac820cdb&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=ac820cdb&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 3DA1
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=ac820cdb&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=ac820cdb&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 4CF4
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=1354b73&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=1354b73&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 7F0B
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=1354b73&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=1354b73&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame E923
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=1127d7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=1127d7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 46B9
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=1127d7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=1127d7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame BAED
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=e508c3&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=e508c3&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame 1688
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=e508c3&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=e508c3&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
leadtrack.pro/ Frame 290E
0
0
Document
General
Full URL
https://leadtrack.pro/?aff=m&id=6f571e3ab7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.31.40 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
leadtrack.pro-05
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
leadtrack.pro
:scheme
https
:path
/?aff=m&id=6f571e3ab7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
/
xtracker.pro/ Frame CC0E
0
0
Document
General
Full URL
https://xtracker.pro/?aff=a&id=6f571e3ab7&source=default
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
159.89.15.171 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
xtracker.pro
Software
openresty/1.13.6.2 / GWT
Resource Hash

Request headers

:method
GET
:authority
xtracker.pro
:scheme
https
:path
/?aff=a&id=6f571e3ab7&source=default
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty/1.13.6.2
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
x-powered-by
GWT
x-cached
MISS
content-encoding
gzip
a.html
zxiu.info/ Frame 5E04
0
0
Document
General
Full URL
https://zxiu.info/a.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:2d32 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
zxiu.info
:scheme
https
:path
/a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d6ab1bc5b17e511d858c6cbe5701dcfec1540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:17 GMT
content-type
text/html
last-modified
Mon, 23 Jul 2018 23:41:46 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b688c664db-FRA
content-encoding
gzip
a.html
udking.com/ Frame 115D
0
0
Document
General
Full URL
https://udking.com/a.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:4d62 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
udking.com
:scheme
https
:path
/a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d933fa2281f7af4324183caa536f72a451540658956; _ga=GA1.2.70686554.1540658958; _gid=GA1.2.1499628462.1540658958; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:18 GMT
content-type
text/html
last-modified
Sat, 14 Jul 2018 12:15:49 GMT
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b7be4f63f1-FRA
content-encoding
gzip
aff.html
hdstream.xyz/ Frame D8F5
0
0
Document
General
Full URL
https://hdstream.xyz/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:506f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
hdstream.xyz
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d0d1ab2f3c047f1dbe4880dc6db690f7e1540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:18 GMT
content-type
text/html
last-modified
Thu, 13 Sep 2018 15:45:04 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b7cfd1274a-FRA
content-encoding
gzip
aff2.html
hdstream.xyz/ Frame BA19
0
0
Document
General
Full URL
https://hdstream.xyz/aff2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:506f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
hdstream.xyz
:scheme
https
:path
/aff2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d0d1ab2f3c047f1dbe4880dc6db690f7e1540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:18 GMT
content-type
text/html
last-modified
Thu, 13 Sep 2018 15:46:01 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b7cfd2274a-FRA
content-encoding
gzip
aff2.html
xvideos-txxx.com/ Frame 57E6
0
0
Document
General
Full URL
https://xvideos-txxx.com/aff2.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3fb7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xvideos-txxx.com
:scheme
https
:path
/aff2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d8667cf9242c2f6c06a479aa7eed3d30f1540658956; _ga=GA1.2.1307031104.1540658957; _gid=GA1.2.1670565454.1540658957; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:18 GMT
content-type
text/html
last-modified
Fri, 28 Sep 2018 22:53:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b7ff96c283-FRA
content-encoding
gzip
aff.html
xvideos-txxx.com/ Frame 9FFF
0
0
Document
General
Full URL
https://xvideos-txxx.com/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3fb7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xvideos-txxx.com
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d8667cf9242c2f6c06a479aa7eed3d30f1540658956; _ga=GA1.2.1307031104.1540658957; _gid=GA1.2.1670565454.1540658957; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:18 GMT
content-type
text/html
last-modified
Fri, 28 Sep 2018 22:52:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b7ff98c283-FRA
content-encoding
gzip
aff.html
baidunet.info/ Frame EA33
Redirect Chain
  • http://baidunet.info/aff.html
  • https://baidunet.info/aff.html
0
0
Document
General
Full URL
https://baidunet.info/aff.html
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6818:6ed5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
baidunet.info
:scheme
https
:path
/aff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
__cfduid=d30d4c22a6bf4b156bb639f4cd2581ef31540658956
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 27 Oct 2018 16:49:18 GMT
content-type
text/html
last-modified
Fri, 19 Oct 2018 05:36:46 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4706a7b9a898c2fb-FRA
content-encoding
gzip

Redirect headers

Date
Sat, 27 Oct 2018 16:49:18 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Oct 2018 17:49:18 GMT
Location
https://baidunet.info/aff.html
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4706a7b87554977a-FRA
VPnY85KSCb
t.co/ Frame 4385
0
0
Document
General
Full URL
https://t.co/VPnY85KSCb
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.156.75 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/VPnY85KSCb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Sat, 27 Oct 2018 16:49:18 GMT
expires
Sat, 27 Oct 2018 16:54:18 GMT
server
tsa_b
set-cookie
muc=088520c6-c45a-4f6f-9700-c63d3db06236; Expires=Mon, 26 Oct 2020 16:49:18 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
42d95d87945e610763921461ce907488
x-response-time
15
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
jYoPJ3dquT
t.co/ Frame F4E7
0
0
Document
General
Full URL
https://t.co/jYoPJ3dquT
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.156.75 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/jYoPJ3dquT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Sat, 27 Oct 2018 16:49:18 GMT
expires
Sat, 27 Oct 2018 16:54:18 GMT
server
tsa_b
set-cookie
muc=c2e05199-6e06-478e-9fb2-bd5283663e3c; Expires=Mon, 26 Oct 2020 16:49:18 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
42d95d87945e610763921461ce907488
x-response-time
13
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
0.php
s4.histats.com/stats/
122 B
394 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3216574&@f16&@g1&@h1&@i1&@j1540658958138&@k0&@l1&@miPhone%20X%20Giveaway%202018&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@vhttp%3A%2F%2Fnqgpg.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
208.43.241.179 Chantilly, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b3.f1.2bd0.ip4.static.sl-reverse.com
Software
/
Resource Hash
afe27915ab59b4070b2c11341d8d6e198b178b278f889c8702bd3a45870cba6f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 27 Oct 2018 16:49:18 GMT
Connection
close
Content-Length
122
Content-Type
text/html;charset=UTF-8
analytics.js
www.google-analytics.com/
42 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79512096-1
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Oct 2018 19:41:26 GMT
server
Golfe2
age
1199
date
Sat, 27 Oct 2018 16:29:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17301
expires
Sat, 27 Oct 2018 18:29:19 GMT
collect
www.google-analytics.com/r/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j71&a=218913310&t=pageview&_s=1&dl=http%3A%2F%2Fnqgpg.com%2F&ul=en-us&de=windows-1252&dt=iPhone%20X%20Giveaway%202018&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1522614799&gjid=1322286340&cid=1797480273.1540658959&tid=UA-79512096-1&_gid=104401705.1540658959&_r=1&gtm=uaf&z=264750493
Requested by
Host: nqgpg.com
URL: http://nqgpg.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Oct 2018 16:49:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showHideGB
function| moveGB
object| gb
function| red
function| gtag
object| dataLayer
object| _Hasync
object| google_tag_manager
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| sa
object| gaGlobal
object| gaData
object| _HistatsCounterGraphics_0_setValues

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
