www.samsung-win.cf Open in urlscan Pro
2a00:1450:4001:81e::2013 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.samsung-win.cf/
Submission: On September 05 via manual (September 5th 2017, 2:28:41 pm UTC) from MA

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 45 HTTP transactions. The main IP is 2a00:1450:4001:81e::2013, located in Ireland and belongs to GOOGLE - Google Inc., US. The main domain is www.samsung-win.cf.

This is the only time www.samsung-win.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:81e::2013	15169 (GOOGLE) (GOOGLE - Google Inc.)
6	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
20	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
1	163.172.224.34 163.172.224.34	12876 (AS12876) (AS12876)
1	146.185.16.146 146.185.16.146	() ()
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST - Steadfast)
1	107.182.233.217 107.182.233.217	29854 (WESTHOST) (WESTHOST - WestHost)
1	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	208.100.17.189 208.100.17.189	32748 (STEADFAST) (STEADFAST - Steadfast)
1	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST - Steadfast)
1	52.17.201.199 52.17.201.199	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.58.84.163 52.58.84.163	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
45	14

3 2a00:1450:4001:81e::2013 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.samsung-win.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.112.193 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.224.34 (United Kingdom)

ASN12876 (AS12876, FR)
PTR: cdn04.top4top.net

d.top4top.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.16.146 (United Kingdom)

ASN- ()
PTR: 92b91092.rdns.100tb.com

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.182.233.217 (Providence, United States)

ASN29854 (WESTHOST - WestHost, Inc., US)
PTR: 6bb6e9d9.setaptr.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.26 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.189 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip189.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.187 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip187.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.201.199 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-201-199.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.84.163 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-84-163.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	imgur.com i.imgur.com	721 KB
6	googlesyndication.com pagead2.googlesyndication.com	123 KB
3	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	7 KB
3	samsung-win.cf www.samsung-win.cf	21 KB
2	amung.us widgets.amung.us whos.amung.us	2 KB
1	eyeota.net ps.eyeota.net	70 B
1	cpx.to s.cpx.to	95 B
1	dtscout.com t.dtscout.com	4 KB
1	top4top.net d.top4top.net	7 KB
1	googleapis.com ajax.googleapis.com	19 KB
0	bluekai.com Failed tags.bluekai.com Failed
0	doubleclick.net Failed googleads.g.doubleclick.net Failed
45	12

	Domain	Requested by
20	i.imgur.com	www.samsung-win.cf
6	pagead2.googlesyndication.com	www.samsung-win.cf pagead2.googlesyndication.com
3	www.samsung-win.cf	www.samsung-win.cf ajax.googleapis.com
1	ps.eyeota.net	www.samsung-win.cf
1	s.cpx.to	www.samsung-win.cf
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	www.samsung-win.cf
1	cdn.tynt.com	widgets.amung.us
1	t.dtscout.com	widgets.amung.us t.dtscout.com
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	www.samsung-win.cf
1	d.top4top.net	www.samsung-win.cf
1	ajax.googleapis.com	www.samsung-win.cf
0	tags.bluekai.com Failed	www.samsung-win.cf
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
45	15

This site contains links to these domains. Also see Links.

Domain
www.blogger.com

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh
*.top4top.net AlphaSSL CA - SHA256 - G2	`2017-03-03` - `2018-03-04`	a year	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.samsung-win.cf/
Frame ID: 26947.1
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170830/r20170110/zrt_lookup.html
Frame ID: 26947.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js
Frame ID: 26947.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=712277510&adf=536986986&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504621709405&bpp=8&bdt=84&fdt=11&idt=113&shv=r20170830&cbv=r20170110&saldr=aa&correlator=253209504383&frm=20&ga_vid=34703787.1504621710&ga_sid=1504621710&ga_hid=309600053&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=633&ady=481&biw=1585&bih=1200&abxe=1&eid=21060949%2C575144605%2C21060849&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=66CrhB2vAq&p=http%3A//www.samsung-win.cf&dtd=130
Frame ID: 26947.6
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js
Frame ID: 26947.4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=1935187563&adf=2509594431&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504621709417&bpp=6&bdt=95&fdt=130&idt=150&shv=r20170830&cbv=r20170110&saldr=aa&prev_fmts=320x100&correlator=253209504383&frm=20&ga_vid=34703787.1504621710&ga_sid=1504621710&ga_hid=309600053&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060949%2C575144605%2C21060849&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&xpc=sqnDMqcoTh&p=http%3A//www.samsung-win.cf&dtd=165
Frame ID: 26947.8
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js
Frame ID: 26947.5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=300x250&output=html&h=250&slotname=2589151403&adk=4092676222&adf=120180925&w=300&lmt=1504616830&avail_w=0&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504621709423&bpp=5&bdt=102&fdt=181&idt=182&shv=r20170830&cbv=r20170110&saldr=aa&prev_fmts=320x100%2C320x100&correlator=253209504383&frm=20&ga_vid=34703787.1504621710&ga_sid=1504621710&ga_hid=309600053&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060949%2C575144605%2C21060849&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&xpc=iFslywHikC&p=http%3A//www.samsung-win.cf&dtd=192
Frame ID: 26947.10
Requests: 1 HTTP requests in this frame

Frame: http://t.dtscout.com/idg/
Frame ID: 26947.13
Requests: 1 HTTP requests in this frame

Frame: http://tags.bluekai.com/site/27519?dt=0&r=1955289922&sig=2491557639&bkca=KJpnEnaNpQlN2z7JnulhBw9teyyr5QdlzUa1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p/6BpxyBex019UGXuRx==
Frame ID: 26947.14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

45
Requests

9 %
HTTPS

23 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

904 kB
Transfer

2097 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 3

https://goo.gl/ff5zxs
http://i.imgur.com/2hSYpor.png

Request 4

https://goo.gl/J9pKy4
http://i.imgur.com/rxS2c2N.png

Request 5

https://goo.gl/ic3LM2
http://i.imgur.com/7EAMOA7.png

Request 6

https://goo.gl/WZjM3w
http://i.imgur.com/spGA3He.png

Request 7

https://goo.gl/6SASqC
http://i.imgur.com/spGA3He.png

Request 8

https://goo.gl/aetBW2
http://i.imgur.com/i4Ck6Ie.png

Request 9

https://goo.gl/Lq3r8x
http://i.imgur.com/i4Ck6Ie.png

Request 10

https://goo.gl/wmoUay
http://i.imgur.com/9pS6R1R.png

Request 11

https://goo.gl/pimNny
http://i.imgur.com/BKktPoj.png

Request 12

https://goo.gl/fECa1R
http://i.imgur.com/c5HdvnQ.png

Request 14

https://goo.gl/L1BmEk
http://i.imgur.com/6Zm3NaT.jpg

Request 15

https://goo.gl/YUbhqu
http://i.imgur.com/9N0nto9.jpg

Request 16

https://goo.gl/93P9ZT
http://i.imgur.com/1j6Qyb1.jpg

Request 17

https://goo.gl/Nyxzk2
http://i.imgur.com/oZcfUDK.jpg

Request 18

https://goo.gl/2Cx1M5
http://i.imgur.com/Z6366YV.jpg

Request 19

https://goo.gl/xUoFBZ
http://i.imgur.com/tfeo3eI.jpg

Request 20

https://goo.gl/6zj9UU
http://i.imgur.com/YXFLpVc.jpg

Request 21

https://goo.gl/2nN1eG
http://i.imgur.com/wbHKL3D.png

Request 22

https://goo.gl/juV2BW
http://i.imgur.com/BLMmsTj.png

Request 23

https://goo.gl/R1WFH3
http://i.imgur.com/u2NBJuc.png

Request 49

http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=6949764741737428193

Request 50

http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEBEpd_JtbSSCmG6csTX3JdU&google_cver=1

Request 51

http://tags.bluekai.com/site/27519?id=CmUMLlmutI0K7QSsGWLDAg%3D%3D&ret=html&random=1504621710112
http://tags.bluekai.com/site/27519?dt=0&r=1955289922&sig=2491557639&bkca=KJpnEnaNpQlN2z7JnulhBw9teyyr5QdlzUa1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p/6BpxyBex019UGXuRx==

45 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.samsung-win.cf/ 530 KB
19 KB 172ms
166ms Document
text/html 2a00:1450:4001:81e::2013
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.samsung-win.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2013 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

06b691ab1a253bbe2311a847bf076597919fed9665c14cb5225052d23f80960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Sep 2017 13:07:10 GMT
Server: GSE
ETag: W/"71aa94d8ff1361112d944ac6456bbaec28fbc124e0c378167e64fe45caaf26c0"
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 19888
X-XSS-Protection: 1; mode=block
Expires: Tue, 05 Sep 2017 14:28:29 GMT

GET
H/1.1 200
OK cookiechoices.js Show response
www.samsung-win.cf/js/ 6 KB
2 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:81e::2013
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.samsung-win.cf/js/cookiechoices.js

Requested by

Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2013 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Wed, 30 Aug 2017 09:19:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Mar 2017 02:50:03 GMT
Server: sffe
Age: 536943
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 1949
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Sep 2017 09:19:26 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 62 KB
23 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

7ed69f2dd198f8260b6b20a32628d35c24f8548e85257a8d79cd26e481db4b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:25:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 192
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 11087841793178957796
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 23274
X-XSS-Protection: 1; mode=block
Expires: Tue, 05 Sep 2017 15:25:17 GMT

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 56 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Requested by

Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 30 Aug 2017 19:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501076
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 19926
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Aug 2018 19:17:13 GMT

GET
H/1.1

200
OK

2hSYpor.png
i.imgur.com/
Redirect Chain

https://goo.gl/ff5zxs
http://i.imgur.com/2hSYpor.png

3 KB
3 KB

20ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/2hSYpor.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 9a101fd378fccc1815eac7ebb2de9bc3df5b8399346a248face246615711e945

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 1026073
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2666
X-Served-By: cache-iad2132-IAD, cache-hhn1528-HHN
Last-Modified: Thu, 24 Aug 2017 17:27:16 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.458162,VS0,VE0
ETag: "bba0327bb50db943361eee6de9e41d4f"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 9bd68c9ff2ad178c8a2f431c44319125ee598d89a8b5752f1e39800029a396a6
Accept-Ranges: bytes
X-Cache-Hits: 1, 269

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/2hSYpor.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rxS2c2N.png
i.imgur.com/
Redirect Chain

https://goo.gl/J9pKy4
http://i.imgur.com/rxS2c2N.png

14 KB
14 KB

15ms
6ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/rxS2c2N.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: ada24a7e52507ecf7d4c8ceaf526d1701f022b445db016284508aa80d0e2475c

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 949137
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 14782
X-Served-By: cache-iad2120-IAD, cache-hhn1548-HHN
Last-Modified: Fri, 25 Aug 2017 14:49:31 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.456869,VS0,VE0
ETag: "007cab9d53364fa4350a5e30fd222b8f"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: c4ec5fe428f452d1b2c5a60f79cae0e58925e67cf1304734378d573276b91205
Accept-Ranges: bytes
X-Cache-Hits: 1, 1811

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/rxS2c2N.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

7EAMOA7.png
i.imgur.com/
Redirect Chain

https://goo.gl/ic3LM2
http://i.imgur.com/7EAMOA7.png

180 KB
180 KB

12ms
6ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/7EAMOA7.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d6125f49e92dabffb7bb6387d7fb4c1f75d67bd47cdce8d18631f110758f6542

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 948360
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 184086
X-Served-By: cache-iad2136-IAD, cache-hhn1520-HHN
Last-Modified: Fri, 25 Aug 2017 15:02:30 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.458540,VS0,VE0
ETag: "0881018728023dab14aa1ea2c8f1bce3"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 1cc033d70c9e1d64ed30f8d4d3f1792d76f141f7035c701dac40e48f60f8c48d
Accept-Ranges: bytes
X-Cache-Hits: 1, 3

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/7EAMOA7.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

spGA3He.png
i.imgur.com/
Redirect Chain

https://goo.gl/WZjM3w
http://i.imgur.com/spGA3He.png

20 KB
20 KB

20ms
6ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/spGA3He.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 1cf0c4201b698d147df2a6f1fe737853f5d79fdf17fe1767b0a2625f27d2e9ab

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 946525
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 20233
X-Served-By: cache-iad2122-IAD, cache-hhn1543-HHN
Last-Modified: Fri, 25 Aug 2017 15:33:03 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.465679,VS0,VE0
ETag: "4bfa01837696d5f8557a821b1a15a90f"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 6cc2d44ccf1bcafb2f708f16e0698469bf0f1e692556ad3ab937aa1c617052a8
Accept-Ranges: bytes
X-Cache-Hits: 1, 118

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/spGA3He.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

spGA3He.png
i.imgur.com/
Redirect Chain

https://goo.gl/6SASqC
http://i.imgur.com/spGA3He.png

20 KB
20 KB

43ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/spGA3He.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 1cf0c4201b698d147df2a6f1fe737853f5d79fdf17fe1767b0a2625f27d2e9ab

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 946526
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 20233
X-Served-By: cache-iad2122-IAD, cache-hhn1548-HHN
Last-Modified: Fri, 25 Aug 2017 15:33:03 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.479033,VS0,VE0
ETag: "4bfa01837696d5f8557a821b1a15a90f"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 6cc2d44ccf1bcafb2f708f16e0698469bf0f1e692556ad3ab937aa1c617052a8
Accept-Ranges: bytes
X-Cache-Hits: 1, 344

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/spGA3He.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

i4Ck6Ie.png
i.imgur.com/
Redirect Chain

https://goo.gl/aetBW2
http://i.imgur.com/i4Ck6Ie.png

19 KB
19 KB

43ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/i4Ck6Ie.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 8f3e43d75063146947e106ce3b22b7a7084b718cfda13168979736efb7e9fb94

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 946471
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 19454
X-Served-By: cache-iad2123-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 15:33:56 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.481180,VS0,VE0
ETag: "c977d5b6c8539b54a6df87059ddcf3ed"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 80953a19c8a54e3161a9c4cae0495b4e466fde6cc9384ba91b5b7ff24fb8c149
Accept-Ranges: bytes
X-Cache-Hits: 1, 260

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/i4Ck6Ie.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 180
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

i4Ck6Ie.png
i.imgur.com/
Redirect Chain

https://goo.gl/Lq3r8x
http://i.imgur.com/i4Ck6Ie.png

19 KB
19 KB

6ms
6ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/i4Ck6Ie.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 8f3e43d75063146947e106ce3b22b7a7084b718cfda13168979736efb7e9fb94

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 946472
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 19454
X-Served-By: cache-iad2123-IAD, cache-hhn1538-HHN
Last-Modified: Fri, 25 Aug 2017 15:33:56 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621710.502392,VS0,VE0
ETag: "c977d5b6c8539b54a6df87059ddcf3ed"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 80953a19c8a54e3161a9c4cae0495b4e466fde6cc9384ba91b5b7ff24fb8c149
Accept-Ranges: bytes
X-Cache-Hits: 1, 9

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/i4Ck6Ie.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 180
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

9pS6R1R.png
i.imgur.com/
Redirect Chain

https://goo.gl/wmoUay
http://i.imgur.com/9pS6R1R.png

3 KB
3 KB

18ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/9pS6R1R.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 17673d312c43c6082ff929e1d4c3d5c84ffd25bfa55824cf17c3fd11fa3aca8a

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 1022445
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3489
X-Served-By: cache-iad2149-IAD, cache-hhn1528-HHN
Last-Modified: Thu, 24 Aug 2017 18:27:43 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.465789,VS0,VE0
ETag: "7bdb8750d13dba0106f3c827fe0f0234"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 7809b4c4bced6043132cf92e90a7ccf7d8d4644c8b33c6a5992485c24c93303b
Accept-Ranges: bytes
X-Cache-Hits: 1, 30

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/9pS6R1R.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 179
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

BKktPoj.png
i.imgur.com/
Redirect Chain

https://goo.gl/pimNny
http://i.imgur.com/BKktPoj.png

3 KB
3 KB

6ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/BKktPoj.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 17673d312c43c6082ff929e1d4c3d5c84ffd25bfa55824cf17c3fd11fa3aca8a

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 931433
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3489
X-Served-By: cache-iad2132-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 19:44:35 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621710.500633,VS0,VE0
ETag: "7bdb8750d13dba0106f3c827fe0f0234"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 561a61ccf26e7dbf8d3a16442cce6059a01cc5753b640801a752a061c5ff35e9
Accept-Ranges: bytes
X-Cache-Hits: 1, 196

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/BKktPoj.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

c5HdvnQ.png
i.imgur.com/
Redirect Chain

https://goo.gl/fECa1R
http://i.imgur.com/c5HdvnQ.png

4 KB
4 KB

6ms
6ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/c5HdvnQ.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 17a22058a900c77b5b18e11851140d7cda3f2b2ba3de29dab5657e6b70b643ae

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 1016268
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 4147
X-Served-By: cache-iad2121-IAD, cache-hhn1538-HHN
Last-Modified: Thu, 24 Aug 2017 20:10:41 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621710.509112,VS0,VE0
ETag: "768b320b5c3724c062db790279495045"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 1265de99218a73ba06c31b60a9bda2acb19561450da83f965c08665fd415d8fb
Accept-Ranges: bytes
X-Cache-Hits: 1, 229

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/c5HdvnQ.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 179
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content m_6029mzr71.mp3
d.top4top.net/ 7 KB
7 KB 80ms
18ms Media
audio/mpeg 163.172.224.34
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://d.top4top.net/m_6029mzr71.mp3

Requested by

Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.172.224.34 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

cdn04.top4top.net

Software

HotCores /

Resource Hash

4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: http://www.samsung-win.cf/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

X-File-ID: x19240179x
Date: Tue, 05 Sep 2017 14:28:29 GMT
Last-Modified: Fri, 25 Aug 2017 19:21:10 GMT
Server: HotCores
ETag: "59a078a6-1a38"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: audio/mpeg
Content-Range: bytes 0-6711/6712
Cache-Control: max-age=7200
Content-Disposition: inline; filename="alert6.mp3"
Connection: close
Content-Length: 6712
Expires: Tue, 05 Sep 2017 16:28:29 GMT

GET
H/1.1

200
OK

6Zm3NaT.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/L1BmEk
http://i.imgur.com/6Zm3NaT.jpg

9 KB
9 KB

24ms
5ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/6Zm3NaT.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 4e9b228e30033ea5230099643de3964a18904e6f31c389bdf8891eb453887e89

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 944945
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 9401
X-Served-By: cache-iad2125-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 15:59:24 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.471365,VS0,VE0
ETag: "f55ad884e471aab0681c45df60571bc5"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: a252387e9351f352506bec23d8a3a6d565bf20724678a975687f7e181568b5f8
Accept-Ranges: bytes
X-Cache-Hits: 1, 36

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/6Zm3NaT.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 180
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

9N0nto9.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/YUbhqu
http://i.imgur.com/9N0nto9.jpg

7 KB
7 KB

27ms
6ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/9N0nto9.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 11a667973b7b79e7ec72619982ceabcf31801b5b58e8eb697f634a615bed0971

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 936447
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7140
X-Served-By: cache-iad2124-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 18:21:01 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.474688,VS0,VE0
ETag: "18542a9c1da0b84f36c05c3553bd1986"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 3553abe5403c87c71be0891b9c0f3389c17342d5178f0fcfc4a2bbf6eef0829d
Accept-Ranges: bytes
X-Cache-Hits: 1, 608

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/9N0nto9.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1j6Qyb1.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/93P9ZT
http://i.imgur.com/1j6Qyb1.jpg

49 KB
49 KB

30ms
5ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/1j6Qyb1.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 7bbb5f7e5c12de7a45632603c5a0529cef2e3ef54903784841b0fee5c597a1c9

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 935794
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 50274
X-Served-By: cache-iad2132-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 18:31:55 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.477573,VS0,VE0
ETag: "e76c316163e36ef15c11d6afd571244c"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 3494fc0b4bdd89e0c63f4f24b435325ffb1806a690159da7fb143fa135c8f550
Accept-Ranges: bytes
X-Cache-Hits: 1, 549

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/1j6Qyb1.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 180
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

oZcfUDK.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/Nyxzk2
http://i.imgur.com/oZcfUDK.jpg

25 KB
25 KB

15ms
6ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/oZcfUDK.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: b99fde94a3e70370984f14cf7602e185290a42e5078ed07b15a41f54f0da5b68

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 936018
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 25808
X-Served-By: cache-iad2148-IAD, cache-hhn1538-HHN
Last-Modified: Fri, 25 Aug 2017 18:28:10 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.468008,VS0,VE0
ETag: "b9e114e2e5cae5fe6662c1f1e39357bb"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 1a6359a3342c18a93236a7ce098a486f6e965738401f9d6d51545ecb1f86e707
Accept-Ranges: bytes
X-Cache-Hits: 1, 539

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/oZcfUDK.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 179
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Z6366YV.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/2Cx1M5
http://i.imgur.com/Z6366YV.jpg

146 KB
146 KB

30ms
7ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/Z6366YV.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: bb80d1d0f0850fc979e8d1a7dcf2083348ab19bf7add33b47f964cf84c565eb5

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 935575
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 149025
X-Served-By: cache-iad2150-IAD, cache-hhn1538-HHN
Last-Modified: Fri, 25 Aug 2017 18:35:33 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.481535,VS0,VE2
ETag: "4d2ff94f3ecd23d56ea53c9be08b3415"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: a378782c9aa8b7086b455f1d95621b74cb06ecf7219da74cc077eb543dfd173d
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/Z6366YV.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 180
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tfeo3eI.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/xUoFBZ
http://i.imgur.com/tfeo3eI.jpg

27 KB
27 KB

15ms
5ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/tfeo3eI.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 5631a7b66f3855bf88b20cf36fd3290f5b3b64dc1812df8dd4b39696b4977af5

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 935756
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27687
X-Served-By: cache-iad2143-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 18:32:33 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.462674,VS0,VE0
ETag: "e57351f93551fe25de7565b0c5cafb2d"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 2fe9103424bc1c6757379c9fc1d7b3ecef83fdc192d5a5ba892e451d6d8bff7a
Accept-Ranges: bytes
X-Cache-Hits: 1, 705

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/tfeo3eI.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

YXFLpVc.jpg
i.imgur.com/
Redirect Chain

https://goo.gl/6zj9UU
http://i.imgur.com/YXFLpVc.jpg

81 KB
81 KB

21ms
6ms

Image
image/jpeg

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/YXFLpVc.jpg
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 14ae7e3f5b01287d78a2b6518d7263117a5f07a3edb6d5c251741e00efd3f99f

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 935641
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 82891
X-Served-By: cache-iad2127-IAD, cache-hhn1543-HHN
Last-Modified: Fri, 25 Aug 2017 18:34:26 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.476083,VS0,VE0
ETag: "b75f0e1edfc9f4f692d1422cc8ece689"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: a3dab6a8eea64915279e4f38396c6e7cbb9e1f6656533f3e1b294fce16998b44
Accept-Ranges: bytes
X-Cache-Hits: 1, 2284

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/YXFLpVc.jpg
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

wbHKL3D.png
i.imgur.com/
Redirect Chain

https://goo.gl/2nN1eG
http://i.imgur.com/wbHKL3D.png

53 KB
53 KB

22ms
6ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/wbHKL3D.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 2981226953e7a2298040b6737cca253d7773ea34d515dad26312a2ae26da5d19

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 943866
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 54098
X-Served-By: cache-iad2130-IAD, cache-hhn1548-HHN
Last-Modified: Fri, 25 Aug 2017 16:17:22 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621709.467344,VS0,VE0
ETag: "e9a80ae79445a108c96970b0447017a1"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: d9cf1c0906ff6c1e889dd1ed89ba06de7e7bd3fc8bc91f48d76c7b942e9cedc0
Accept-Ranges: bytes
X-Cache-Hits: 1, 192

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/wbHKL3D.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 179
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

BLMmsTj.png
i.imgur.com/
Redirect Chain

https://goo.gl/juV2BW
http://i.imgur.com/BLMmsTj.png

36 KB
36 KB

5ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/BLMmsTj.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 31937a0b9cc495127dbf3f123a5da000e8cdcbe8a8449def2ca188939f0391be

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 1008216
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 37109
X-Served-By: cache-iad2148-IAD, cache-hhn1528-HHN
Last-Modified: Thu, 24 Aug 2017 22:24:54 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621710.503791,VS0,VE0
ETag: "ab0d577fbdf72d665e4d89129aaece1f"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: ae265d4f1642f102a6e7e6c607c2b91f666ffef37e79a0133dd65af31dd17326
Accept-Ranges: bytes
X-Cache-Hits: 1, 21

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/BLMmsTj.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

u2NBJuc.png
i.imgur.com/
Redirect Chain

https://goo.gl/R1WFH3
http://i.imgur.com/u2NBJuc.png

2 KB
2 KB

6ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/u2NBJuc.png
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: ad9d9e28cc93b3885b6f70f9de27fb72fe31c5637376561e2b52a84c41367d17

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Age: 995308
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2414
X-Served-By: cache-iad2149-IAD, cache-hhn1528-HHN
Last-Modified: Fri, 25 Aug 2017 02:00:01 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1504621710.506562,VS0,VE0
ETag: "6d88f383324c43f67db8e4603f4708e0"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 7a84e7c339ca8a8fa8dd8423033d3338a26df8a62d9d79c1ecd759d63dfc0680
Accept-Ranges: bytes
X-Cache-Hits: 1, 590

Redirect headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 301
date: Tue, 05 Sep 2017 14:28:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: http://i.imgur.com/u2NBJuc.png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 178
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK small.js Show response
widgets.amung.us/ 5 KB
2 KB 35ms
18ms Script
application/x-javascript 146.185.16.146

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.amung.us/small.js
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 146.185.16.146 , United Kingdom, ASN (),
Reverse DNS: 92b91092.rdns.100tb.com
Software: nginx/1.9.6 /
Resource Hash: f842ce8ba41db6df4166c3fdf5a2a651f2c2a4d9f8cc9ce71e422e3280f7fb0a

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Jun 2017 16:37:24 GMT
Server: nginx/1.9.6
ETag: W/"593acec4-1404"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=60
Connection: keep-alive
Expires: Tue, 05 Sep 2017 14:29:29 GMT

GET
H/1.1 200
OK /
www.samsung-win.cf/ 32 KB
0 155ms
155ms Image
text/html 2a00:1450:4001:81e::2013
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.samsung-win.cf/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2013 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Sep 2017 13:07:10 GMT
Server: GSE
ETag: W/"71aa94d8ff1361112d944ac6456bbaec28fbc124e0c378167e64fe45caaf26c0"
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 19888
X-XSS-Protection: 1; mode=block
Expires: Tue, 05 Sep 2017 14:28:29 GMT

GET
S 200 ca-pub-3825056521416531.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
134 B 20ms
7ms Script
text/javascript 2a00:1450:4001:820::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3825056521416531.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Tue, 05 Sep 2017 07:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2017 19:38:14 GMT
server: sffe
age: 24510
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Tue, 05 Sep 2017 19:39:59 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170830/r20170110/ Frame 2694 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/ Frame 2694 190 KB
70 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:820::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

1da40900fe2967bf99fbbfe13aecb1d66c32e2de1ece2621b82d60ff445f6dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 5610287423687338418
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71193
X-XSS-Protection: 1; mode=block
Expires: Tue, 05 Sep 2017 14:28:29 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 34 B
65 B 213ms
106ms Script
text/javascript 67.202.94.93
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ct99jul5zg8a&t=Galaxy%20Note8&c=s&y=&a=0&d=0.226&v=22&r=3547
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol: HTTP/1.1
Server: 67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: amung.us
Software: /
Resource Hash: f9e66230a2abf3078ce060a9975e925d94776f99902cd848d6cc68083ff4efad

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 4 KB
4 KB 315ms
156ms Script
application/javascript 107.182.233.217
WestHost

General

Check archive.org

Show headers Download Go to

Full URL: http://t.dtscout.com/i/?l=http%3A%2F%2Fwww.samsung-win.cf%2F&j=
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol: HTTP/1.1
Server: 107.182.233.217 Providence, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS: 6bb6e9d9.setaptr.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0894937b748b73bc719da0c2a0a6c01310a1d20e6be639ba3e0f14dbe897e13a

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Z: I
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Tue, 05 Sep 2017 14:28:28 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2694 0
0

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/ Frame 2694 83 KB
31 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

48eb9f32adf8eea39deca5e2e5a7a67979eb4eb2d2a9e06908017a7c8bfdd76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Mon, 04 Sep 2017 09:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 31253
x-xss-protection: 1; mode=block
server: cafe
etag: 1445085175973928292
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2017 09:54:48 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/ Frame 2694 190 KB
0 50ms
50ms Script
text/javascript 2a00:1450:4001:820::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

1da40900fe2967bf99fbbfe13aecb1d66c32e2de1ece2621b82d60ff445f6dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5610287423687338418
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 71193
X-XSS-Protection: 1; mode=block
Expires: Tue, 05 Sep 2017 14:28:29 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2694 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/ Frame 2694 190 KB
0 50ms
50ms Script
text/javascript 2a00:1450:4001:820::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170830/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

1da40900fe2967bf99fbbfe13aecb1d66c32e2de1ece2621b82d60ff445f6dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Timing-Allow-Origin: *
Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5610287423687338418
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 71193
X-XSS-Protection: 1; mode=block
Expires: Tue, 05 Sep 2017 14:28:29 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2694 0
0

GET
H/1.1 200
OK tc.js Show response
cdn.tynt.com/ 15 KB
6 KB 14ms
8ms Script
application/javascript 104.16.87.26
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol: HTTP/1.1
Server: 104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 71b1c640270a746608d4ddf442d39b8483f17fadf627576bf71c46bae8507779

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 03 Aug 2017 16:21:56 GMT
Server: cloudflare-nginx
ETag: W/"59834da4-3ddc"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3999e01576226403-FRA
Expires: Fri, 08 Sep 2017 14:28:29 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/gif

GET
H/1.1 200
OK p
ic.tynt.com/b/ 35 B
35 B 203ms
101ms Image
image/gif 208.100.17.189
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!ct99jul5zg8a&lm=0&ts=1504621709694&dn=TC&iso=0&ct=Samsung%20Galaxy%20Note8&t=Galaxy%20Note8
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 208.100.17.189 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip189.208-100-17.static.steadfastdns.net
Software: nginx/1.10.3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Last-Modified: Fri, 16 Apr 2010 15:38:20 GMT
Server: nginx/1.10.3
ETag: "4bc8846c-23"
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 35
Expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET /
t.dtscout.com/idg/ Frame 2694 0
0

GET
H/1.1 200 v2 Show response
de.tynt.com/deb/ 704 B
704 B 220ms
111ms Script
application/javascript 208.100.17.187
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: http://de.tynt.com/deb/v2?id=w!ct99jul5zg8a&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol: HTTP/1.1
Server: 208.100.17.187 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip187.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: 882169ad5744dfa631f3f4d501371a97899aa40858cabe060fd2f0e473576731

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Content-Type: application/javascript
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length: 704
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=6949764741737428193

95 B
95 B

54ms
28ms

Image
image/png

52.17.201.199
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=6949764741737428193
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 52.17.201.199 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-201-199.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Sep 2017 14:28:30 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 05 Sep 2017 14:28:30 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Sep 2017 14:28:32 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.57:80
AN-X-Request-Uuid: 91078414-6754-4b5f-8537-9567a984687a
Server: nginx/1.11.5
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=6949764741737428193
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEBEpd_JtbSSCmG6csTX3JdU&google_cver=1

70 B
70 B

7ms
7ms

Image
image/gif

52.58.84.163
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEBEpd_JtbSSCmG6csTX3JdU&google_cver=1
Requested by: Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol: HTTP/1.1
Server: 52.58.84.163 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-84-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: http://www.samsung-win.cf/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Tue, 05 Sep 2017 14:28:30 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 05 Sep 2017 14:28:30 GMT
Server: HTTP server (unknown)
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEBEpd_JtbSSCmG6csTX3JdU&google_cver=1
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Length: 310
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

27519
tags.bluekai.com/site/ Frame 2694
Redirect Chain

http://tags.bluekai.com/site/27519?id=CmUMLlmutI0K7QSsGWLDAg%3D%3D&ret=html&random=1504621710112
http://tags.bluekai.com/site/27519?dt=0&r=1955289922&sig=2491557639&bkca=KJpnEnaNpQlN2z7JnulhBw9teyyr5QdlzUa1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p/6BpxyBex019UGXuRx==

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20170830/r20170110/zrt_lookup.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=712277510&adf=536986986&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504621709405&bpp=8&bdt=84&fdt=11&idt=113&shv=r20170830&cbv=r20170110&saldr=aa&correlator=253209504383&frm=20&ga_vid=34703787.1504621710&ga_sid=1504621710&ga_hid=309600053&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=633&ady=481&biw=1585&bih=1200&abxe=1&eid=21060949%2C575144605%2C21060849&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=66CrhB2vAq&p=http%3A//www.samsung-win.cf&dtd=130

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=1935187563&adf=2509594431&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504621709417&bpp=6&bdt=95&fdt=130&idt=150&shv=r20170830&cbv=r20170110&saldr=aa&prev_fmts=320x100&correlator=253209504383&frm=20&ga_vid=34703787.1504621710&ga_sid=1504621710&ga_hid=309600053&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060949%2C575144605%2C21060849&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&xpc=sqnDMqcoTh&p=http%3A//www.samsung-win.cf&dtd=165

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=300x250&output=html&h=250&slotname=2589151403&adk=4092676222&adf=120180925&w=300&lmt=1504616830&avail_w=0&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504621709423&bpp=5&bdt=102&fdt=181&idt=182&shv=r20170830&cbv=r20170110&saldr=aa&prev_fmts=320x100%2C320x100&correlator=253209504383&frm=20&ga_vid=34703787.1504621710&ga_sid=1504621710&ga_hid=309600053&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060949%2C575144605%2C21060849&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&xpc=iFslywHikC&p=http%3A//www.samsung-win.cf&dtd=192

Domain: t.dtscout.com
URL: http://t.dtscout.com/idg/

Domain: tags.bluekai.com
URL: http://tags.bluekai.com/site/27519?dt=0&r=1955289922&sig=2491557639&bkca=KJpnEnaNpQlN2z7JnulhBw9teyyr5QdlzUa1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p/6BpxyBex019UGXuRx==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	2019-09-05 14:28:30	Name: IDE Value: AHWqTUmwLUAlvdVlAjRT2g4u6n_0WZGXY_84vP2clvBQL9ZnbVRkQHX-b89vq7Z9
.dtscout.com/	2022-09-04 14:28:29	Name: d Value: null
.dtscout.com/	2017-09-05 22:28:29	Name: b Value: 1
.dtscout.com/	2017-09-05 14:58:29	Name: m Value: 1
.dtscout.com/	2017-09-06 14:28:29	Name: ah Value: 1
.doubleclick.net/	2017-09-05 15:28:30	Name: DSID Value: NO_DATA
.dtscout.com/	2017-09-05 22:28:29	Name: es Value: 1
.bluekai.com/	2018-03-04 14:28:30	Name: bkdc Value: iad
.dtscout.com/	2019-09-05 14:28:29	Name: df Value: 1504621709
.dtscout.com/	2037-12-31 23:55:55	Name: l Value: a7bp2VmutI1THWvGbCiIAg==
.bluekai.com/	2018-03-04 14:28:30	Name: bku Value: 4tL99/b6gkZmPYCW

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.tynt.com
d.top4top.net
de.tynt.com
googleads.g.doubleclick.net
i.imgur.com
ic.tynt.com
pagead2.googlesyndication.com
ps.eyeota.net
s.cpx.to
t.dtscout.com
tags.bluekai.com
whos.amung.us
widgets.amung.us
www.samsung-win.cf
googleads.g.doubleclick.net
t.dtscout.com
tags.bluekai.com
104.16.87.26
107.182.233.217
146.185.16.146
151.101.112.193
163.172.224.34
208.100.17.187
208.100.17.189
2a00:1450:4001:81e::2013
2a00:1450:4001:820::2002
2a00:1450:4001:824::200a
52.17.201.199
52.58.84.163
67.202.94.93
06b691ab1a253bbe2311a847bf076597919fed9665c14cb5225052d23f80960e
0894937b748b73bc719da0c2a0a6c01310a1d20e6be639ba3e0f14dbe897e13a
11a667973b7b79e7ec72619982ceabcf31801b5b58e8eb697f634a615bed0971
14ae7e3f5b01287d78a2b6518d7263117a5f07a3edb6d5c251741e00efd3f99f
17673d312c43c6082ff929e1d4c3d5c84ffd25bfa55824cf17c3fd11fa3aca8a
17a22058a900c77b5b18e11851140d7cda3f2b2ba3de29dab5657e6b70b643ae
1cf0c4201b698d147df2a6f1fe737853f5d79fdf17fe1767b0a2625f27d2e9ab
1da40900fe2967bf99fbbfe13aecb1d66c32e2de1ece2621b82d60ff445f6dac
2981226953e7a2298040b6737cca253d7773ea34d515dad26312a2ae26da5d19
31937a0b9cc495127dbf3f123a5da000e8cdcbe8a8449def2ca188939f0391be
48eb9f32adf8eea39deca5e2e5a7a67979eb4eb2d2a9e06908017a7c8bfdd76f
4e9b228e30033ea5230099643de3964a18904e6f31c389bdf8891eb453887e89
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
5631a7b66f3855bf88b20cf36fd3290f5b3b64dc1812df8dd4b39696b4977af5
71b1c640270a746608d4ddf442d39b8483f17fadf627576bf71c46bae8507779
7bbb5f7e5c12de7a45632603c5a0529cef2e3ef54903784841b0fee5c597a1c9
7ed69f2dd198f8260b6b20a32628d35c24f8548e85257a8d79cd26e481db4b34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
882169ad5744dfa631f3f4d501371a97899aa40858cabe060fd2f0e473576731
8f3e43d75063146947e106ce3b22b7a7084b718cfda13168979736efb7e9fb94
9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6
9a101fd378fccc1815eac7ebb2de9bc3df5b8399346a248face246615711e945
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
ad9d9e28cc93b3885b6f70f9de27fb72fe31c5637376561e2b52a84c41367d17
ada24a7e52507ecf7d4c8ceaf526d1701f022b445db016284508aa80d0e2475c
b99fde94a3e70370984f14cf7602e185290a42e5078ed07b15a41f54f0da5b68
bb80d1d0f0850fc979e8d1a7dcf2083348ab19bf7add33b47f964cf84c565eb5
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
d6125f49e92dabffb7bb6387d7fb4c1f75d67bd47cdce8d18631f110758f6542
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f842ce8ba41db6df4166c3fdf5a2a651f2c2a4d9f8cc9ce71e422e3280f7fb0a
f9e66230a2abf3078ce060a9975e925d94776f99902cd848d6cc68083ff4efad

www.samsung-win.cf Open in urlscan Pro 2a00:1450:4001:81e::2013 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

9 %HTTPS

23 %IPv6

12 Domains

15 Subdomains

14 IPs

4 Countries

904 kBTransfer

2097 kBSize

11 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.samsung-win.cf Open in urlscan Pro
2a00:1450:4001:81e::2013 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

9 %
HTTPS

23 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

904 kB
Transfer

2097 kB
Size

11
Cookies

45 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!