en.50kaweek.online Open in urlscan Pro
54.37.79.146  Malicious Activity! Public Scan

Submitted URL: https://bit.ly/2kAqkBB?IKwg
Effective URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Submission: On May 31 via manual from US

Summary

This website contacted 11 IPs in 2 countries across 16 domains to perform 21 HTTP transactions. The main IP is 54.37.79.146, located in Woodbridge, United States and belongs to OVH, FR. The main domain is en.50kaweek.online.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 31st 2018. Valid for: 3 months.
This is the only time en.50kaweek.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 395224 (BITLY-AS)
2 2 199.188.200.13 22612 (NAMECHEAP...)
1 1 52.26.217.111 16509 (AMAZON-02)
1 1 35.165.72.15 16509 (AMAZON-02)
1 1 185.170.147.229 34934 (UKFAST)
1 1 54.37.76.79 16276 (OVH)
1 8 54.37.79.146 16276 (OVH)
3 209.197.3.15 20446 (HIGHWINDS3)
3 104.19.197.151 13335 (CLOUDFLAR...)
1 216.58.207.72 15169 (GOOGLE)
1 216.58.207.74 15169 (GOOGLE)
1 216.58.207.67 15169 (GOOGLE)
1 2 216.58.207.78 15169 (GOOGLE)
1 173.194.76.157 15169 (GOOGLE)
2 216.58.206.14 15169 (GOOGLE)
1 172.217.21.238 15169 (GOOGLE)
21 11
Domain Requested by
8 en.50kaweek.online 1 redirects en.50kaweek.online
3 cdnjs.cloudflare.com en.50kaweek.online
3 maxcdn.bootstrapcdn.com en.50kaweek.online
2 www.youtube.com en.50kaweek.online
s.ytimg.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 zenmaker.network 2 redirects
1 s.ytimg.com www.youtube.com
1 stats.g.doubleclick.net en.50kaweek.online
1 fonts.gstatic.com en.50kaweek.online
1 fonts.googleapis.com en.50kaweek.online
1 www.googletagmanager.com en.50kaweek.online
1 ai-redirect.me 1 redirects
1 jsanfran25.500awik.cpa.clicksure.com 1 redirects
1 jbrotrk.com 1 redirects
1 newjamtrax.com 1 redirects
1 bit.ly 1 redirects
21 16

This site contains no links.

Subject Issuer Validity Valid
en.50kaweek.online
Let's Encrypt Authority X3
2018-05-31 -
2018-08-29
3 months crt.sh
*.google.com
Google Internet Authority G3
2018-05-15 -
2018-08-07
3 months crt.sh

This page contains 2 frames:

Primary Page: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Frame ID: 96D41484C2F0DFCE0C05C4125FF9C503
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?controls=1&rel=0&showinfo=0&mute=true&enablejsapi=1&origin=https%3A%2F%2Fen.50kaweek.online&widgetid=1
Frame ID: 77E674C96837F152DDEDEAC7EC1C6484
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bit.ly/2kAqkBB?IKwg HTTP 301
    http://zenmaker.network/?OQzdDQ HTTP 302
    http://zenmaker.network/indexa.php HTTP 302
    http://newjamtrax.com/?a=1019&c=1408&s1=mail HTTP 302
    http://jbrotrk.com/?a=1019&c=1408&s1=mail&ckmguid=72fbec9e-51ec-42aa-bb56-14c8b6c8b299 HTTP 302
    http://jsanfran25.500awik.cpa.clicksure.com/ HTTP 302
    http://ai-redirect.me/JB0kO?a=6920&o=3726&s=1121761704 HTTP 302
    http://en.50kaweek.online/?a=6920&o=3726&s=1121761704 HTTP 302
    https://en.50kaweek.online/?a=6920&o=3726&s=1121761704 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

21
Requests

38 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

11
IPs

2
Countries

418 kB
Transfer

1249 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2kAqkBB?IKwg HTTP 301
    http://zenmaker.network/?OQzdDQ HTTP 302
    http://zenmaker.network/indexa.php HTTP 302
    http://newjamtrax.com/?a=1019&c=1408&s1=mail HTTP 302
    http://jbrotrk.com/?a=1019&c=1408&s1=mail&ckmguid=72fbec9e-51ec-42aa-bb56-14c8b6c8b299 HTTP 302
    http://jsanfran25.500awik.cpa.clicksure.com/ HTTP 302
    http://ai-redirect.me/JB0kO?a=6920&o=3726&s=1121761704 HTTP 302
    http://en.50kaweek.online/?a=6920&o=3726&s=1121761704 HTTP 302
    https://en.50kaweek.online/?a=6920&o=3726&s=1121761704 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1138802086&t=pageview&_s=1&dl=https%3A%2F%2Fen.50kaweek.online%2F%3Fa%3D6920%26o%3D3726%26s%3D1121761704&ul=en-us&de=UTF-8&dt=en.50kaweek.online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=432421455&gjid=1506762216&cid=1906846190.1527794217&tid=UA-80184432-1&_gid=1785553429.1527794217&_r=1&gtm=G5oWFBL9N7&z=462874096 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80184432-1&cid=1906846190.1527794217&jid=432421455&_gid=1785553429.1527794217&gjid=1506762216&_v=j68&z=462874096

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
en.50kaweek.online/
Redirect Chain
  • https://bit.ly/2kAqkBB?IKwg
  • http://zenmaker.network/?OQzdDQ
  • http://zenmaker.network/indexa.php
  • http://newjamtrax.com/?a=1019&c=1408&s1=mail
  • http://jbrotrk.com/?a=1019&c=1408&s1=mail&ckmguid=72fbec9e-51ec-42aa-bb56-14c8b6c8b299
  • http://jsanfran25.500awik.cpa.clicksure.com/
  • http://ai-redirect.me/JB0kO?a=6920&o=3726&s=1121761704
  • http://en.50kaweek.online/?a=6920&o=3726&s=1121761704
  • https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
6 KB
2 KB
Document
General
Full URL
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
22161a17e0342b8ddb508a65a0557f1452b0e84c5bef4e0d64cad8735f366d57

Request headers

Host
en.50kaweek.online
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
96D41484C2F0DFCE0C05C4125FF9C503

Response headers

Server
nginx
Date
Thu, 31 May 2018 19:16:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
ETag
W/"5b0feec6-1719"
X-Geo
DE
Content-Encoding
gzip

Redirect headers

Cache-Control
no-cache
Content-length
0
Location
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Connection
close
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 31 May 2018 19:16:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Feb 2018 05:57:55 GMT
Connection
Keep-Alive
ETag
"1519106275"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
19747
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 31 May 2018 19:16:57 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:17 GMT
Connection
Keep-Alive
ETag
"1518903977"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
6241
layout_50kweek.css
en.50kaweek.online/css/
24 KB
4 KB
Stylesheet
General
Full URL
https://en.50kaweek.online/css/layout_50kweek.css
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
13aa38e65146a1734db1726539ef7fa2129e69772171d03f230a8812cc757828

Request headers

Accept
text/css,*/*;q=0.1
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
en.50kaweek.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 31 May 2018 19:16:57 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5b0feedd-614a"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=21600 public
Transfer-Encoding
chunked
Expires
Fri, 01 Jun 2018 01:16:57 GMT
app.js
en.50kaweek.online/js/
579 KB
141 KB
Script
General
Full URL
https://en.50kaweek.online/js/app.js
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
e23cca7e03476a9230883dbd4ded1d1b4ef3d8c062ee6f0cd7fad8c102059068

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
en.50kaweek.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Connection
keep-alive
Cache-Control
no-cache
Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 31 May 2018 19:16:57 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5b0feef2-90d28"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600 public
Transfer-Encoding
chunked
Expires
Fri, 01 Jun 2018 01:16:57 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/
84 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
104.19.197.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 31 May 2018 19:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:42:33 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
423bc7214bd59762-FRA
expires
Tue, 21 May 2019 19:16:57 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.1/
2 KB
1021 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.1/js.cookie.min.js
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
104.19.197.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56586ccc2a08b1ce24f1c198bd68743e94a0bc2d5bb78a195fe9dc421c77131
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 31 May 2018 19:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:42:34 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
423bc7214bd69762-FRA
expires
Tue, 21 May 2019 19:16:57 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
104.19.197.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 31 May 2018 19:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Jul 2016 07:16:08 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
423bc7214bd89762-FRA
expires
Tue, 21 May 2019 19:16:57 GMT
gtm.js
www.googletagmanager.com/
125 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WFBL9N7
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
216.58.207.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
dce9519416c10e2bb0409807cf927280199c891dee5155ce0d2d8b3b3fea49da
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 31 May 2018 19:16:57 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29386
x-xss-protection
1; mode=block
expires
Thu, 31 May 2018 19:16:57 GMT
css
fonts.googleapis.com/
474 B
332 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,700&subset=latin,latin-ext
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
ESF /
Resource Hash
467bc074ef4ba9ffc97b678b9b59251e607fc7d400f7f0a9b01d6c8cc98b937e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 31 May 2018 19:16:57 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 31 May 2018 19:16:57 GMT
bgBluePattern.png
en.50kaweek.online/images/
27 KB
27 KB
Image
General
Full URL
https://en.50kaweek.online/images/bgBluePattern.png
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
fe6468e53a8521e2795b2a4d0918fbcc44e620179069ec4e4ca45bea253bef85

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
en.50kaweek.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://en.50kaweek.online/css/layout_50kweek.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://en.50kaweek.online/css/layout_50kweek.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 31 May 2018 19:16:57 GMT
Last-Modified
Thu, 31 May 2018 12:48:58 GMT
Server
nginx
ETag
"5b0fef3a-6c74"
Content-Type
image/png
Cache-Control
max-age=2568721 public
Accept-Ranges
bytes
Content-Length
27764
Expires
Sat, 30 Jun 2018 12:48:58 GMT
formPattern.png
en.50kaweek.online/images/
958 B
1 KB
Image
General
Full URL
https://en.50kaweek.online/images/formPattern.png
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
1045300bee15c28d5a98bf1a9ee88eea8d188a7c07ad5a86b48050dfe9b1d89f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
en.50kaweek.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://en.50kaweek.online/css/layout_50kweek.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://en.50kaweek.online/css/layout_50kweek.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 31 May 2018 19:16:57 GMT
Last-Modified
Thu, 31 May 2018 12:48:58 GMT
Server
nginx
ETag
"5b0fef3a-3be"
Content-Type
image/png
Cache-Control
max-age=2568721 public
Accept-Ranges
bytes
Content-Length
958
Expires
Sat, 30 Jun 2018 12:48:58 GMT
videoBg.png
en.50kaweek.online/images/
20 KB
20 KB
Image
General
Full URL
https://en.50kaweek.online/images/videoBg.png
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
4b98d0ae0bee1ab393622be0f9c7edc2a4d84f89ab0786e4e7d76874f0d08564

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
en.50kaweek.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://en.50kaweek.online/css/layout_50kweek.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://en.50kaweek.online/css/layout_50kweek.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 31 May 2018 19:16:57 GMT
Last-Modified
Thu, 31 May 2018 12:48:58 GMT
Server
nginx
ETag
"5b0fef3a-5030"
Content-Type
image/png
Cache-Control
max-age=2568721 public
Accept-Ranges
bytes
Content-Length
20528
Expires
Sat, 30 Jun 2018 12:48:58 GMT
freeAccessStripe.png
en.50kaweek.online/images/
6 KB
6 KB
Image
General
Full URL
https://en.50kaweek.online/images/freeAccessStripe.png
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.37.79.146 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip-54-37-79.eu
Software
nginx /
Resource Hash
b0a23ca17305ef42cf90037aefd2877a312bd437b1c6d7415f23e86cf3f999e5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
en.50kaweek.online
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://en.50kaweek.online/css/layout_50kweek.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://en.50kaweek.online/css/layout_50kweek.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 31 May 2018 19:16:57 GMT
Last-Modified
Thu, 31 May 2018 12:48:58 GMT
Server
nginx
ETag
"5b0fef3a-1890"
Content-Type
image/png
Cache-Control
max-age=2568721 public
Accept-Ranges
bytes
Content-Length
6288
Expires
Sat, 30 Jun 2018 12:48:58 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
65 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
HTTP/1.1
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://en.50kaweek.online

Response headers

Date
Thu, 31 May 2018 19:16:57 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:23 GMT
Connection
Keep-Alive
ETag
"1518903983"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
66632
LDI2apCSOBg7S-QT7pa8FvOleeI.ttf
fonts.gstatic.com/s/rajdhani/v7/
70 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v7/LDI2apCSOBg7S-QT7pa8FvOleeI.ttf
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
66e4fe51ab191d871d798815101978b58539444236cf1ba2581342dd8c861c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rajdhani:400,700&subset=latin,latin-ext
Origin
https://en.50kaweek.online

Response headers

date
Thu, 24 May 2018 19:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603606
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
30757
x-xss-protection
1; mode=block
last-modified
Tue, 10 Oct 2017 23:12:47 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 May 2019 19:36:51 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFBL9N7
Protocol
SPDY
Server
216.58.207.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
2032
date
Thu, 31 May 2018 18:43:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Thu, 31 May 2018 20:43:05 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1138802086&t=pageview&_s=1&dl=https%3A%2F%2Fen.50kaweek.online%2F%3Fa%3D6920%26o%3D3726%26s%3D1121761704&ul=en-us&de=UTF-8&dt=en.50kaweek.onl...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80184432-1&cid=1906846190.1527794217&jid=432421455&_gid=1785553429.1527794217&gjid=1506762216&_v=j68&z=462874096
35 B
103 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80184432-1&cid=1906846190.1527794217&jid=432421455&_gid=1785553429.1527794217&gjid=1506762216&_v=j68&z=462874096
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
Protocol
SPDY
Server
173.194.76.157 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 31 May 2018 19:16:57 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 May 2018 19:16:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80184432-1&cid=1906846190.1527794217&jid=432421455&_gid=1785553429.1527794217&gjid=1506762216&_v=j68&z=462874096
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/
859 B
927 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: en.50kaweek.online
URL: https://en.50kaweek.online/js/app.js
Protocol
SPDY
Server
216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f14.1e100.net
Software
YouTube Frontend Proxy /
Resource Hash
be54c985cc5600c1bb5f6d421492bea1ffca8e762bbf47a732ea26de9e7b0159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 31 May 2018 19:16:57 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
859
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflQSvpsZ/
20 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflQSvpsZ/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
SPDY
Server
172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f238.1e100.net
Software
sffe /
Resource Hash
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 29 May 2018 00:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239527
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
7696
x-xss-protection
1; mode=block
last-modified
Sat, 26 May 2018 06:49:46 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 06 Jun 2018 00:44:50 GMT
/
www.youtube.com/embed/ Frame 77E6
0
0
Document
General
Full URL
https://www.youtube.com/embed/?controls=1&rel=0&showinfo=0&mute=true&enablejsapi=1&origin=https%3A%2F%2Fen.50kaweek.online&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflQSvpsZ/www-widgetapi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f14.1e100.net
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/?controls=1&rel=0&showinfo=0&mute=true&enablejsapi=1&origin=https%3A%2F%2Fen.50kaweek.online&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
96D41484C2F0DFCE0C05C4125FF9C503
Referer
https://en.50kaweek.online/?a=6920&o=3726&s=1121761704

Response headers

status
200
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Thu, 31 May 2018 19:16:57 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=5pjrMPnxx7E; path=/; domain=.youtube.com; expires=Tue, 27-Nov-2018 19:16:57 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 30-Jan-2019 07:09:57 GMT YSC=5Y2y4VQI2DI; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 31-May-2018 19:46:57 GMT VISITOR_INFO1_LIVE=5pjrMPnxx7E; path=/; domain=.youtube.com; expires=Tue, 27-Nov-2018 19:16:57 GMT; httponly
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| postscribe object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| $cookies object| gajus function| onYouTubeIframeAPIReady function| $ function| jQuery function| Cookies object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

13 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: 5Y2y4VQI2DI
.youtube.com/ Name: PREF
Value: f1=50000000
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 5pjrMPnxx7E
.en.50kaweek.online/ Name: _gid
Value: GA1.3.1785553429.1527794217
en.50kaweek.online/ Name: lic_time_cookie
Value: 26126
en.50kaweek.online/ Name: s
Value: 1121761704
en.50kaweek.online/ Name: lic_time_helper_cookie
Value: 10706
en.50kaweek.online/ Name: o
Value: 3726
en.50kaweek.online/ Name: a
Value: 6920
.en.50kaweek.online/ Name: _gat_UA-80184432-1
Value: 1
en.50kaweek.online/ Name: spots_available
Value: 30
.en.50kaweek.online/ Name: _ga
Value: GA1.3.1906846190.1527794217

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ai-redirect.me
bit.ly
cdnjs.cloudflare.com
en.50kaweek.online
fonts.googleapis.com
fonts.gstatic.com
jbrotrk.com
jsanfran25.500awik.cpa.clicksure.com
maxcdn.bootstrapcdn.com
newjamtrax.com
s.ytimg.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
zenmaker.network
104.19.197.151
172.217.21.238
173.194.76.157
185.170.147.229
199.188.200.13
209.197.3.15
216.58.206.14
216.58.207.67
216.58.207.72
216.58.207.74
216.58.207.78
35.165.72.15
52.26.217.111
54.37.76.79
54.37.79.146
67.199.248.10
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1045300bee15c28d5a98bf1a9ee88eea8d188a7c07ad5a86b48050dfe9b1d89f
13aa38e65146a1734db1726539ef7fa2129e69772171d03f230a8812cc757828
22161a17e0342b8ddb508a65a0557f1452b0e84c5bef4e0d64cad8735f366d57
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
467bc074ef4ba9ffc97b678b9b59251e607fc7d400f7f0a9b01d6c8cc98b937e
4b98d0ae0bee1ab393622be0f9c7edc2a4d84f89ab0786e4e7d76874f0d08564
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
66e4fe51ab191d871d798815101978b58539444236cf1ba2581342dd8c861c13
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
b0a23ca17305ef42cf90037aefd2877a312bd437b1c6d7415f23e86cf3f999e5
b56586ccc2a08b1ce24f1c198bd68743e94a0bc2d5bb78a195fe9dc421c77131
be54c985cc5600c1bb5f6d421492bea1ffca8e762bbf47a732ea26de9e7b0159
dce9519416c10e2bb0409807cf927280199c891dee5155ce0d2d8b3b3fea49da
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e23cca7e03476a9230883dbd4ded1d1b4ef3d8c062ee6f0cd7fad8c102059068
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
fe6468e53a8521e2795b2a4d0918fbcc44e620179069ec4e4ca45bea253bef85
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995