urlscan.io logo urlscan.io
SecurityTrails logo

getnindscompany.com Open in urlscan Pro
2606:4700:3032::6815:26ed  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Effective URL: https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016...
Submission: On February 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3032::6815:26ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is getnindscompany.com.
TLS certificate: Issued by GTS CA 1P5 on January 29th 2024. Valid for: 3 months.
This is the only time getnindscompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    199.34.228.53 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-1.weebly.com
bestdup394.weebly.com
13    2a04:4e42:400::302 (United States)

ASN54113 (FASTLY, US)
cdn2.editmysite.com
3    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700:3037::ac43:dac4 (United States)

ASN13335 (CLOUDFLARENET, US)
qpdownload.com
www.qpdownload.com
1    2606:4700:3030::ac43:d45a (United States)

ASN13335 (CLOUDFLARENET, US)
basati.info
4    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    35.161.243.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-243-72.us-west-2.compute.amazonaws.com
ec.editmysite.com
1    2600:1f18:66d3:cb10:a2ea:be15:169b:a23a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
cddtsecure.com
3    2606:4700:3030::6815:cef (United States)

ASN13335 (CLOUDFLARENET, US)
adspredictiv.com
1    108.62.123.181 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
topsolutions.rdtk.io
2    2606:4700:3032::6815:26ed (United States)

ASN13335 (CLOUDFLARENET, US)
getnindscompany.com
3    2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
t.ocmhood.com
1    2606:4700:3037::ac43:84bf (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
Apex Domain
Subdomains		 Transfer
15 editmysite.com
cdn2.editmysite.com — Cisco Umbrella Rank: 12531
ec.editmysite.com — Cisco Umbrella Rank: 13672
469 KB
9 weebly.com
bestdup394.weebly.com
245 KB
4 gstatic.com
fonts.gstatic.com
100 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
36 KB
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 35342
t.ocmhood.com — Cisco Umbrella Rank: 11670
13 KB
3 adspredictiv.com
adspredictiv.com
5 KB
3 qpdownload.com
qpdownload.com
www.qpdownload.com
1 KB
2 getnindscompany.com
getnindscompany.com
21 KB
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 37123
757 B
1 rdtk.io
topsolutions.rdtk.io — Cisco Umbrella Rank: 390180
1022 B
1 cddtsecure.com
cddtsecure.com
4 KB
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 570
17 KB
1 basati.info
basati.info
816 B
41 13
Domain Requested by
13 cdn2.editmysite.com bestdup394.weebly.com
ajax.googleapis.com
cdn2.editmysite.com
9 bestdup394.weebly.com 1 redirects bestdup394.weebly.com
ajax.googleapis.com
4 fonts.gstatic.com fonts.googleapis.com
3 adspredictiv.com 2 redirects bestdup394.weebly.com
3 fonts.googleapis.com bestdup394.weebly.com
2 t.ocmhood.com sdk.ocmhood.com
2 getnindscompany.com adspredictiv.com
getnindscompany.com
2 ec.editmysite.com cdn2.editmysite.com
2 www.qpdownload.com 1 redirects bestdup394.weebly.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 sdk.ocmhood.com getnindscompany.com
1 topsolutions.rdtk.io 1 redirects
1 cddtsecure.com 1 redirects
1 ssl.google-analytics.com bestdup394.weebly.com
1 basati.info bestdup394.weebly.com
1 qpdownload.com 1 redirects
1 ajax.googleapis.com bestdup394.weebly.com
41 17

This site contains no links.

Subject Issuer Validity Valid
*.weebly.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-28 -
2024-11-15		 a year crt.sh
*.editmysite.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-12 -
2024-07-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
basati.info
GTS CA 1P5		 2023-12-09 -
2024-03-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
ec.editmysite.com
Amazon RSA 2048 M01		 2023-06-12 -
2024-07-10		 a year crt.sh
adspredictiv.com
GTS CA 1P5		 2023-12-31 -
2024-03-30		 3 months crt.sh
getnindscompany.com
GTS CA 1P5		 2024-01-29 -
2024-04-28		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
ocmtag.com
Cloudflare Inc ECC CA-3		 2023-12-25 -
2024-12-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
Frame ID: D2BDD41DB4A7FC276DE2E388F170174F
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Click Allow

Page URL History Show full URLs

  1. http://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html HTTP 301
    https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html Page URL
  2. https://cddtsecure.com/?a=163389&c=337953&co=212705&mt=4&s1=bas&s2=casino&s3=spooky+spins+slot+mach... HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&su... Page URL
  3. https://adspredictiv.com/jump/next.php?stamat=m%257CKuo3dnNhaQdHQAH0dEdHP3xP.7c7%252CTwuhcE9ytvGl4nFR... HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23721366&stamat=m%257C%252C%252CwjOmYia_tGU3Bf-GH0dEdHP3x... HTTP 302
    https://topsolutions.rdtk.io/652a7a9bc4965b000158099d?sub1=3744083-887628016-33078332&sub2=[udid]&sub3=36... HTTP 302
    https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.editmysite\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

17
Subdomains

14
IPs

1
Countries

905 kB
Transfer

2407 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html HTTP 301
    https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html Page URL
  2. https://cddtsecure.com/?a=163389&c=337953&co=212705&mt=4&s1=bas&s2=casino&s3=spooky+spins+slot+machine+for+sale&s4=https%3A%2F%2Fbestdup394.weebly.com%2F&s5=Chrome+Generic+%2F+Win10 HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas Page URL
  3. https://adspredictiv.com/jump/next.php?stamat=m%257CKuo3dnNhaQdHQAH0dEdHP3xP.7c7%252CTwuhcE9ytvGl4nFRHB_Ai6o6e7Q6JFDHAKafL4hf1REr42ZB3lhJbT3lOjvqwODA1ymjczlHWMTsdWfrBEDGibh2jHBI0Sepl7lWGNvUNzcvHo8Bss7n5cWzT2ZWgUOHm2E5PzqZmmjpJ9Nx5_h0E3fNQTIWxjJDfgWgNF-YjoI%252C&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas&cbur=0.03329063874095306&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fbestdup394.weebly.com%2F HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23721366&stamat=m%257C%252C%252CwjOmYia_tGU3Bf-GH0dEdHP3xP.ca4%252CIj8Bn94E2RwAini2oDrx2EUNdC16hbXF6ZoHRxoNesWoajJTq0C6WVgp7aoHw68NLDek6kLSisY5rdPQJj43HfWTtmWcJiJiuMLjfYe4RmC0OMVoQjVf3uk63UMzdbxWumkZockzcjFOfCuzNV6jytzPDUSlDoF4P5281sHCf-vItlEE-Lp3GMR3TkXLIK_rt-wrCw4LKc-ZvvnYFecQpt_B4x1sqG6JjKfazJxXXWQhRdNoBOUHpW3EzNWL4L404dqTylMWEAEvTVWbgRGxdHQettqSh_ZmS4VT2spDHvCxZmB4XKln2eULvxSi1uBXrbv0FDDC-RN3vhb3UkKpnYQqzfNjTQs-82wCEtIY3vp26mvb_xbeLsEpi-n7RE2AGnJhBIPCUldTOlpvMJ4OZo7tFqM4mkDpVu8RAYRTxcuuWObGV9Qm3NcqgJ1dmmehsF7-r9YraN7gdoMwQx5JFD45GPqgcAabsigkyPBHzuZwf0rIVg-cWdCmHngzOgJ5puIha5h2Pw9zrCVqDOOccJb4V26MlKp6biR7PEtMMatSAiZ8hjCVL5Ig7y3HS6Q1oATs8Ya99En0WbuyYJ9TZmsM57Oknh_Ronrpvpq_OqKuilcnMy7ntM6AGebPa-w6kGzQVJ-m7rkqSKmbvr9eE2bOhKleIEfK_v0aEzhUpZ_wzmjBW14y-vSKu1lEIr1k HTTP 302
    https://topsolutions.rdtk.io/652a7a9bc4965b000158099d?sub1=3744083-887628016-33078332&sub2=[udid]&sub3=366300420&sub4=126766&sub5=1707178300&sub6=3744083&sub7=US&sub8=1000&sub9=Nexeon%20Technologies&ref_id=170717830010000TUSTV62602Rffc8R2R104RR156V7e30c HTTP 302
    https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html HTTP 301
  • https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Request Chain 13
  • https://qpdownload.com/data/spooky-spins/screenshot/spooksmall.png HTTP 301
  • https://www.qpdownload.com/data/spooky-spins/screenshot/spooksmall.png HTTP 301
  • https://www.qpdownload.com/windows/data
Request Chain 34
  • https://cddtsecure.com/?a=163389&c=337953&co=212705&mt=4&s1=bas&s2=casino&s3=spooky+spins+slot+machine+for+sale&s4=https%3A%2F%2Fbestdup394.weebly.com%2F&s5=Chrome+Generic+%2F+Win10 HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
spooky-spins-slot-machine-for-sale.html
bestdup394.weebly.com/
Redirect Chain
  • http://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
  • https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
45 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
Apache /
Resource Hash
b5ce00f14b0c61f88c4af4661466cbecab587fba6bf51801b074976db7bc307a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
8718
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Feb 2024 00:11:38 GMT
ETag
W/"541cf167e472360d3d7afc0cb597cef3-gzip"
Keep-Alive
timeout=10, max=65
Server
Apache
Vary
X-W-SSL,Accept-Encoding,User-Agent
X-Host
blu75.sf2p.intern.weebly.net
X-UA-Compatible
IE=edge,chrome=1

Redirect headers

Connection
Keep-Alive
Content-Length
522
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Feb 2024 00:11:38 GMT
Keep-Alive
timeout=10, max=60
Location
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Server
Apache
Vary
X-W-SSL,User-Agent
X-Host
blu42.sf2p.intern.weebly.net
X-UA-Compatible
IE=edge,chrome=1
sites.css
cdn2.editmysite.com/css/ 		206 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/sites.css?buildTime=1613524086
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
4, 1
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1145006
x-cache
HIT, HIT
x-host
blu44.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
29663
x-served-by
cache-sjc1000128-SJC, cache-nyc-kteb1890051-NYC
last-modified
Tue, 23 Jan 2024 16:07:14 GMT
server
nginx
x-timer
S1707178299.999082,VS0,VE1
etag
W/"65afe432-337f6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 06 Feb 2024 18:08:12 GMT
fancybox.css
cdn2.editmysite.com/css/old/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/old/fancybox.css?1613073516
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
14, 1
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
25994
x-cache
HIT, HIT
x-host
blu66.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1218
x-served-by
cache-sjc1000100-SJC, cache-nyc-kteb1890051-NYC
last-modified
Thu, 01 Feb 2024 21:04:58 GMT
server
nginx
x-timer
S1707178299.999085,VS0,VE1
etag
"65bc077a-f47"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 19 Feb 2024 16:58:25 GMT
social-icons.css
cdn2.editmysite.com/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/social-icons.css?buildtime=1613073516
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25eb7d0f88522e9f3f9f3bf5c727d4eb571e055113f7cc8be11629f0206e8f0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
61, 1
date
Tue, 06 Feb 2024 00:11:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
583112
x-cache
HIT, HIT
x-host
blu147.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1638
x-served-by
cache-sjc1000120-SJC, cache-nyc-kteb1890051-NYC
last-modified
Mon, 29 Jan 2024 20:01:41 GMT
server
nginx
x-timer
S1707178299.998154,VS0,VE1
etag
W/"65b80425-3319"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 13 Feb 2024 06:13:06 GMT
main_style.css
bestdup394.weebly.com/files/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestdup394.weebly.com/files/main_style.css?1613473710
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
nginx /
Resource Hash
0d377c8ae9037563e7a8cef29248cf0ef46956ee2290d07fa87e2e4cfb7d0fc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:11:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
text/css
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
X-Host
grn148.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
css
fonts.googleapis.com/ 		10 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95cd70c54187f2f0b319907a3e3bd5439f135733245232254f1cef0dae135582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 00:11:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 00:11:39 GMT
css
fonts.googleapis.com/ 		3 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 22:18:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 00:11:39 GMT
css
fonts.googleapis.com/ 		7 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
119e44b6b6bb5fdc752858affe9b63d609845e29ab331a32d0aba1cd5b5ca19f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 00:06:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 00:11:39 GMT
templateArtifacts.js
bestdup394.weebly.com/files/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdup394.weebly.com/files/templateArtifacts.js?1613473710
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
nginx /
Resource Hash
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
application/x-javascript
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
X-Host
grn41.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 13:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Feb 2025 13:57:17 GMT
stl.js
cdn2.editmysite.com/js/lang/en/ 		182 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1613073516&
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6b70a5530d72de899d87ef0c8f2354115e574dbf71fc8e884de67319b5b461c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
165, 1
date
Tue, 06 Feb 2024 00:11:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
976679
x-cache
HIT, HIT
x-host
grn159.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33620
x-served-by
cache-sjc10060-SJC, cache-nyc-kteb1890051-NYC
last-modified
Thu, 25 Jan 2024 15:04:00 GMT
server
nginx
x-timer
S1707178299.998814,VS0,VE1
etag
"65b27860-2d73c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Thu, 08 Feb 2024 16:53:39 GMT
main.js
cdn2.editmysite.com/js/site/ 		466 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/site/main.js?buildTime=1613524086
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
136, 1
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
455520
x-cache
HIT, HIT
x-host
blu149.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
146401
x-served-by
cache-sjc10069-SJC, cache-nyc-kteb1890051-NYC
last-modified
Wed, 31 Jan 2024 16:29:46 GMT
server
nginx
x-timer
S1707178299.998777,VS0,VE2
etag
"65ba757a-74804"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 14 Feb 2024 17:39:39 GMT
stl.js
cdn2.editmysite.com/js/lang/en/ 		182 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1613524086&
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6b70a5530d72de899d87ef0c8f2354115e574dbf71fc8e884de67319b5b461c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
268, 1
date
Tue, 06 Feb 2024 00:11:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1092635
x-cache
HIT, HIT
x-host
blu62.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33620
x-served-by
cache-sjc10051-SJC, cache-nyc-kteb1890051-NYC
last-modified
Tue, 23 Jan 2024 21:18:17 GMT
server
nginx
x-timer
S1707178299.998763,VS0,VE1
etag
"65b02d19-2d73c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 07 Feb 2024 08:41:04 GMT
data
www.qpdownload.com/windows/
Redirect Chain
  • https://qpdownload.com/data/spooky-spins/screenshot/spooksmall.png
  • https://www.qpdownload.com/data/spooky-spins/screenshot/spooksmall.png
  • https://www.qpdownload.com/windows/data
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.qpdownload.com/windows/data
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Server
2606:4700:3037::ac43:dac4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Redirect headers

date
Tue, 06 Feb 2024 00:11:39 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8rz50PSv6Uj9a1BknLmUIK492miHCYsWba3sUBoeX1giikabaUvvBeYrE8aI9KV3ZqqrnMi96s%2BnmFVGj4gZgvHOQy1Tkqr0nCZo4fen3EPIieAAUHCrvl5JHK3YgcpHVK8StTP354nPc86cSSlw6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
http://www.qpdownload.com/windows/data
cf-ray
850f2d5258934bd3-BUF
alt-svc
h3=":443"; ma=86400
footer-toast-published-image-1.png
cdn2.editmysite.com/images/site/footer/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Sat, 26 Aug 2023 06:41:03 GMT
date
Tue, 06 Feb 2024 00:11:39 GMT
via
1.1 varnish
age
146953
x-guploader-uploadid
ADPycdsatP3uOBH43PNMvxZOtintvSa5H1z49qk4vtDn6ukdJUU1Lr2JWaiuap_Ux-L3uoLIVD-6IIvnMtfUhStGT7M2PA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9677
x-served-by
cache-nyc-kteb1890051-NYC
last-modified
Tue, 12 Feb 2019 18:19:08 GMT
server
UploadServer
x-timer
S1707178299.010058,VS0,VE0
etag
"6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation
1549995548326466
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
cache-control
public, max-age=86400, s-maxage=259200
x-goog-stored-content-length
9677
accept-ranges
bytes
x-cache-hits
763
footerSignup.js
cdn2.editmysite.com/js/site/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1707175896
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
36, 11
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2247
x-cache
HIT, HIT
x-host
blu124.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1372
x-served-by
cache-sjc1000133-SJC, cache-nyc-kteb1890051-NYC
last-modified
Mon, 05 Feb 2024 23:15:54 GMT
server
nginx
x-timer
S1707178299.112639,VS0,VE0
etag
"65c16c2a-e10"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 19 Feb 2024 23:34:12 GMT
plugins.js
bestdup394.weebly.com/files/theme/ 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdup394.weebly.com/files/theme/plugins.js?1535589184
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
nginx /
Resource Hash
2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:11:39 GMT
Content-Encoding
gzip
X-Storage-Object
2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8
Last-Modified
Wed, 28 Jul 2021 13:27:14 GMT
Server
nginx
x-amz-request-id
tx00000000000000262db65-0062850df3-b9fbc64-sfo1
ETag
W/"a8bf2ebe41b28e96d5d8deb2b83e0ee3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
x-rgw-object-type
Normal
X-Storage-Bucket
z2829
X-Host
blu50.sf2p.intern.weebly.net
Connection
keep-alive
custom.js
bestdup394.weebly.com/files/theme/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestdup394.weebly.com/files/theme/custom.js?1535589184
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
nginx /
Resource Hash
a76e503d969fc9738f1f292994e535567efdbf22e8a3f14d3220ef78700f5b4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:11:39 GMT
Content-Encoding
gzip
X-Storage-Object
a76e503d969fc9738f1f292994e535567efdbf22e8a3f14d3220ef78700f5b4f
Last-Modified
Thu, 02 Jan 2020 16:37:20 GMT
Server
nginx
x-amz-request-id
tx00000a3bd64dcbf5eb261-00652db1bc-db1a051-sfo1
ETag
W/"02a6d424cbb3020f66aef8a87c57d17e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
x-rgw-object-type
Normal
X-Storage-Bucket
za76e
X-Host
blu136.sf2p.intern.weebly.net
Connection
keep-alive
main-customer-accounts-site.js
cdn2.editmysite.com/js/site/ 		522 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1613524086
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
444, 181
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1065532
x-cache
HIT, HIT
x-host
blu98.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
159104
x-served-by
cache-sjc10032-SJC, cache-nyc-kteb1890030-NYC
last-modified
Tue, 23 Jan 2024 21:20:15 GMT
server
nginx
x-timer
S1707178299.175063,VS0,VE0
etag
"65b02d8f-826d7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 07 Feb 2024 16:12:46 GMT
/
basati.info/ 		187 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://basati.info/?RQkU=QAFQT14CEApVWwlUBwxaRl4DBlsUSkMJXw5NGkMRUQxBTkFZV0VKX1lRDg0IBhxWWEQcR1lVVkoBVAcdAVcNTlUEX1dUWA9VCABKSFRNBQAFBxsGFAsFSlULGWRjTRRORgBKQUsUUlMdAQc3
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d45a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://bestdup394.weebly.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAxeL2960b9i3%2FdRuwAbx6frtoZsc4yE8Xpp93jaK3lTCOTzxPxgph5CsbVV8ehgxMC5oUH7FcZczWQyac%2FQhk6Gvac70SkeGQe%2FohaCDiwswhLYrfeXj3a7%2BMBH%2BlEDzDie0nWmlSaI7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
850f2d52c9bc6aed-BUF
access-control-allow-headers
X-Requested-With
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestdup394.weebly.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:11:31 GMT
x-content-type-options
nosniff
age
399608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:11:31 GMT
header-search.png
bestdup394.weebly.com/files/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestdup394.weebly.com/files/theme/images/header-search.png?1613473710
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/files/main_style.css?1613473710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
nginx /
Resource Hash
b07a73d88dfb7b8377c080deca3b721bd5807abeb5edf396b02921471209f966

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/files/main_style.css?1613473710
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:11:39 GMT
X-Storage-Object
b07a73d88dfb7b8377c080deca3b721bd5807abeb5edf396b02921471209f966
Last-Modified
Wed, 25 Mar 2020 13:16:44 GMT
Server
nginx
x-amz-request-id
tx0000026fa64106596098c-0065951cf4-db1c67d-sfo1
ETag
"b5cfc4e3f99e1e87432c2a1e9440e62a"
Content-Type
image/png; charset=binary
x-rgw-object-type
Normal
X-Storage-Bucket
zb07a
X-Host
grn26.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
background.jpg
bestdup394.weebly.com/files/theme/images/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestdup394.weebly.com/files/theme/images/background.jpg?1613473710
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/files/main_style.css?1613473710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/files/main_style.css?1613473710
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 00:11:39 GMT
X-Storage-Object
6ca8b2faa98531c656c7470666357efa7f7960a2e066499c28c937fa883a14d1
Last-Modified
Tue, 31 Mar 2020 15:50:21 GMT
Server
nginx
x-amz-request-id
tx00000895e0ed2d6c858ca-00651ddbd3-db1a051-sfo1
ETag
"ff4dce40cdffbcf4e229f11aed752432"
Content-Type
image/jpeg; charset=binary
x-rgw-object-type
Normal
X-Storage-Bucket
z6ca8
X-Host
blu50.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
209262
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v32/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestdup394.weebly.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:21:09 GMT
x-content-type-options
nosniff
age
399030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28600
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:21:09 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestdup394.weebly.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:25:06 GMT
x-content-type-options
nosniff
age
398793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:25:06 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bestdup394.weebly.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:21:09 GMT
x-content-type-options
nosniff
age
399030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:21:09 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 00:11:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
22
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 06 Feb 2024 02:11:17 GMT
snowday262.js
cdn2.editmysite.com/js/wsnbn/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
19, 14707
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
400925
x-cache
HIT, HIT
x-host
blu145.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25752
x-served-by
cache-sjc10061-SJC, cache-nyc-kteb1890030-NYC
last-modified
Wed, 31 Jan 2024 22:58:59 GMT
server
nginx
x-timer
S1707178299.442388,VS0,VE0
etag
"65bad0b3-124fe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Thu, 15 Feb 2024 08:49:34 GMT
/
bestdup394.weebly.com/ajax/api/JsonRPC/CustomerAccounts/ 		348 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bestdup394.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-wildcard-1.weebly.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Tue, 06 Feb 2024 00:11:39 GMT
Server
Apache
Vary
X-W-SSL,User-Agent
Content-Type
application/json
X-Host
grn147.sf2p.intern.weebly.net
Connection
Keep-Alive
Keep-Alive
timeout=10, max=58
Content-Length
348
X-UA-Compatible
IE=edge,chrome=1
free-footer-v3.css
cdn2.editmysite.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1707175896
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bestdup394.weebly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
31, 6
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2247
x-cache
HIT, HIT
x-host
blu32.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
886
x-served-by
cache-sjc1000132-SJC, cache-nyc-kteb1890030-NYC
last-modified
Mon, 05 Feb 2024 23:15:30 GMT
server
nginx
x-timer
S1707178300.509606,VS0,VE0
etag
"65c16c12-a49"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 19 Feb 2024 23:34:12 GMT
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ 		2 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.243.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-243-72.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://bestdup394.weebly.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://bestdup394.weebly.com
date
Tue, 06 Feb 2024 00:11:40 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
sqmarket-medium.woff2
cdn2.editmysite.com/fonts/SQ_Market/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://bestdup394.weebly.com/
Origin
https://bestdup394.weebly.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
82, 180
date
Tue, 06 Feb 2024 00:11:39 GMT
via
1.1 varnish, 1.1 varnish
age
42356
x-cache
HIT, HIT
x-host
blu120.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30768
x-served-by
cache-sjc1000119-SJC, cache-nyc-kteb1890047-NYC
last-modified
Thu, 01 Feb 2024 09:29:11 GMT
server
nginx
x-timer
S1707178300.620198,VS0,VE0
etag
"65bb6467-7830"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 19 Feb 2024 12:25:44 GMT
logotype.svg
cdn2.editmysite.com/images/landing-pages/global/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.editmysite.com/images/landing-pages/global/logotype.svg
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1707175896
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1707175896
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Fri, 12 May 2023 06:46:54 GMT
date
Tue, 06 Feb 2024 00:11:39 GMT
content-encoding
gzip
via
1.1 varnish
age
229603
x-guploader-uploadid
ADPycdtKGWgdep3zuWFcHmOOPEUH4AfzmX_5KIubHVmzOCiSgHxwlH-JjY1ZmpX-r2hdvf53oovggdSX41dnLTdl8uqSrlmBsHdf
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1488
x-served-by
cache-nyc-kteb1890030-NYC
last-modified
Wed, 10 Oct 2018 21:37:00 GMT
server
UploadServer
x-timer
S1707178300.589491,VS0,VE0
etag
"bc61dcb431a14c508075eeff4f74523a"
vary
Accept-Encoding
x-goog-generation
1539207420450301
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
cache-control
public, max-age=86400, s-maxage=259200
x-goog-stored-content-length
3507
accept-ranges
bytes
x-cache-hits
1200
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.243.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-243-72.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bestdup394.weebly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://bestdup394.weebly.com
access-control-max-age
600
content-length
0
date
Tue, 06 Feb 2024 00:11:40 GMT
server
nginx
next.php
adspredictiv.com/jump/
Redirect Chain
  • https://cddtsecure.com/?a=163389&c=337953&co=212705&mt=4&s1=bas&s2=casino&s3=spooky+spins+slot+machine+for+sale&s4=https%3A%2F%2Fbestdup394.weebly.com%2F&s5=Chrome+Generic+%2F+Win10
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas
Requested by
Host: bestdup394.weebly.com
URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850f2d58cb404bc3-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Feb 2024 00:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9nU0iR5JikL7SGIq0ZMu7at0DZoleuRMlbSAlq0gCghvcx0fMUBQtWlzfRpGZ3%2B39YV5ls9Dzoi9XtGdVtwbqlJoV6bh26u%2FozXKUgiFRQFrVEAth8NV9a3n0VhdZg2wS7twCGfkOr93idkxCk0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Tue, 06 Feb 2024 00:11:40 GMT
location
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas
server
nginx
Primary Request /
getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257CKuo3dnNhaQdHQAH0dEdHP3xP.7c7%252CTwuhcE9ytvGl4nFRHB_Ai6o6e7Q6JFDHAKafL4hf1REr42ZB3lhJbT3lOjvqwODA1ymjczlHWMTsdWfrBEDGibh2jHBI0Sepl7lWGNvUNzcvHo8B...
  • https://adspredictiv.com/script/i.php?t=1&c=23721366&stamat=m%257C%252C%252CwjOmYia_tGU3Bf-GH0dEdHP3xP.ca4%252CIj8Bn94E2RwAini2oDrx2EUNdC16hbXF6ZoHRxoNesWoajJTq0C6WVgp7aoHw68NLDek6kLSisY5rdPQJj43Hf...
  • https://topsolutions.rdtk.io/652a7a9bc4965b000158099d?sub1=3744083-887628016-33078332&sub2=[udid]&sub3=366300420&sub4=126766&sub5=1707178300&sub6=3744083&sub7=US&sub8=1000&sub9=Nexeon%20Technologie...
  • https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
33 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:26ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9defa20c31329307a91312e3491430ae66b53c690f520b5889ea74658d557a98

Request headers

Referer
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=8686f7c4f597448e9d1b73954a9462792099a&sub1=163389&sub2=bas
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850f2d60ebbc4bd3-BUF
content-encoding
br
content-type
text/html
date
Tue, 06 Feb 2024 00:11:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrrLoLrt2JT6Nbl0dMFiJ611ogNGAz8Q9Llwft%2BZtRJuJaBfPLjxtG%2BzdL3dXYt7W0gp%2FPCQY24iMhBWbi%2FHnZspWKeMIgL%2B%2BYEUnQ8ww2lfR%2FpgjI8MriwO0T5ZIUMwKSaD%2F8GfHzRn%2B8BoJiTCNw6K"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
160
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Feb 2024 00:11:41 GMT
Location
https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
Referer
Referrer-Policy
no-referrer
Server
nginx/1.20.2
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
conf.json
getnindscompany.com/hood/Z2V0bmluZHNjb21wYW55LmNvbQ==/ 		49 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://getnindscompany.com/hood/Z2V0bmluZHNjb21wYW55LmNvbQ==/conf.json
Requested by
Host: getnindscompany.com
URL: https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:26ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 00:11:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 03 Oct 2023 09:02:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651bd8ab-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPPNC63f0Wa5iyQ8tKwcwD%2Fefm2l5axtFiK5sKE1sf%2Ftot8pFAEGOFZ7kXglEovoipbT9MBr8qLyXzx3gm70odvua9ly9lA14JkQfAHTdLLTR5AZL0ZXUbEp95E84ZgYMnSJ59sTTkyFyGjg8FI3j3H%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
850f2d61ac724bd3-BUF
alt-svc
h3=":443"; ma=86400
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
ht.js
sdk.ocmhood.com/sdk/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Requested by
Host: getnindscompany.com
URL: https://getnindscompany.com/JZRE5bGyD2RzGES8kTpkzQXBOgA0GrGylWAB3lx1LEE/?clck=65c1793ddc450d0001da9203&sid=3744083-887628016-33078332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11f0f7e861fa90b5bf67118f11e114bfb7afe67db55089341f2563b22b5a08f

Request headers

Referer
https://getnindscompany.com/
Origin
https://getnindscompany.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 00:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
750
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Fri, 02 Feb 2024 12:11:52 GMT
server
cloudflare
etag
W/"65bcdc08-2efc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ5AdRo3a28yQvKRA%2Bntr58nec6od1JpMFgOTcM3d2MexN2k0mkmb1nYpfg60swgQEzj2UyLnoutN3K15VEb%2Ba%2FsLRDcJ9WHkXkxA0TC8xPMlx1aDEPETT0qtVkicDp%2Fd6HdiqmsxK%2FjQRcsvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
850f2d6368ec4bbb-BUF
NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js
cdn.ocmtag.com/tag/ 		279 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:84bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133

Request headers

accept-language
en-US,en;q=0.9
Referer
https://getnindscompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 00:11:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5956
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 03 Oct 2023 07:28:04 GMT
server
cloudflare
etag
W/"651bc284-117"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRIm%2FwV8aH%2FWCEkvhjQgCBULe4iioMrGlrleDW5aoFnph5fPdgKoZlJqEXHBxqZIf3sL70HHf5NlBNx%2FQ8pfs6B8gPYh5LeMbFXFTuNmzBDVL8s1hXoda8e%2FD0kgoRT0x90aYmZw1v9Yhk5jUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
850f2d641f3e6aed-BUF
activity
t.ocmhood.com/v2/ 		0
436 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getnindscompany.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Feb 2024 00:11:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chAY5DVAwlNkG6e1NQObW8xObch2hE07zDQdA%2B%2BRioNoqwTc%2BluB9NyBxWTeYFdRWmo8XrJlqK%2FqJnR8eOz9jw7TRycUDhHhpUQnf5z8vvoTGpfxYnS3yPfVGjEgYktkYWmnqo%2BqX2fLecs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
850f2d64c8546aed-BUF
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getnindscompany.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Feb 2024 00:11:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLM1gXZCbETtDYdYBb2FNaD4L2%2FLkJ7HZDKZpkY2PR5S%2BztmFLMbVeEXiA38X5Xc5u8n8oRkIinuMD07FwkBIdeFs2FZ3mQth9OwMU22tTTGprpSlgOnzYzDUO%2BcKj%2FchD%2FpsY40Xr0Gma4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
850f2d64c8566aed-BUF
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| qs string| lwp function| snippetGetEngineDomain function| snippetGetAllLocations object| campaign_domains function| fetchAdAsync function| fetchCustom function| fetchImpressionPixelsAsync function| initLp function| initWpLogic function| importOmpServiceWorker function| initOmpServiceWorker function| clearSession function| getLpType function| getOCP function| popme function| pbcid function| finalRedirect function| goNextStep function| goToRedirectonAllow function| goToRedirectSmart2 function| isPushApiSupported function| uuidv4 function| initLpPush function| startOmpWorker function| getLpIdParamIfSet function| getSourcePrefix object| ad number| cpc object| o_eid object| o_ocid string| source_prefix string| fallback_url function| send_next_to function| before_redirect_block object| sParams string| cc function| Hood function| NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT

20 Cookies

Domain/Path Name / Value
.bestdup394.weebly.com/ Name: is_mobile
Value: 0
bestdup394.weebly.com/ Name: language
Value: en
bestdup394.weebly.com/ Name: _snow_ses.3632
Value: *
bestdup394.weebly.com/ Name: _snow_id.3632
Value: 8fa819f7-adbd-455e-8063-c9a4e8e9fb04.1707178300.1.1707178300.1707178300.dfc802b4-618d-4b78-b4fd-da6b81b17e1e
.cddtsecure.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xyl/W8rOLGEfdBjwiLaQenGp7Te5LOKX2d+FQMZIiOJuaW
.cddtsecure.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/ Name: gdm_click_freq_v2_1_001
Value: H9VE5TFJkUlW96mXbyUSRweC+ZWNH75zYH1/ZskGDqlo1bwTsSRokS4uMUpjvjku
.cddtsecure.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xyl/W8rOLGEfdBjwiLaQenGp7Te5LOKX2d+FQMZIiOJuaW
.cddtsecure.com/ Name: gdm_sid_v1_3_001
Value: nchUkl48NcyvvZcSpXC6QroWjAlH3tPRiEz7c9M6a3zZdFd+vAQfQst5KFFQdOSLmJh5AYS/sVLyNC6ux8gQ3nFXyezHD6lmeNRgJ9rAiOdmzQ8NqQXSVWvT/Bbrhln6xKGubdnZ2w3aMvkW/1j33jLTH6sKplSr7mRy0ImcGs0yxj++Q8QBW4SGZg73APSuGRpJ98CLRIKhCrfBuV6yd6DTFgVYTMRpkxUcUWJAwnzRaItj2FEa1gFL4IsFyMEdnA5fh+cuf96uUd2aNO7y7U+EybfCK3/IG7uRshJU5RqAAyld3d79q2QhG2BdtqcvgtkSRqeMiuhQBZf1Pk8EWLAJ0M+bZb1csGgHC60nPDycfhwVNtpgM6L2qxJEFvBOISaPPLRZvllx1FlU3WaMCOReNZVguHHkO2ofXYmjQqoem+fl4y+58OzOnF9MIteM/UlwJTTcO0DJYiYOMeyWTFrYMyL7rn9qSZC89+Rq0b7pgxBwBPLA7d91wqY8QKhKZS39c35hc5zRZsP0Jf0cHDAu6grU4M/pA3YY2GstnwV1zvastf5uaQAathBwXkXatI36A3MOBPJFvCV6l/nN7Ov/zo86v1hc0yuk04N3pCJWtYObwHON5d4ODbsWwMvtxAbcRpVJAbMKNuhSUCWgY0ZnyXcynA42xiPIkafc9fETTI6A471dyTLxHYuDaCQdWFoyQCnYo/h06q9nNLOFE9F4XrrUfTEUYvF+PI3iu66G/9V8H0qjIzHHk3XeSReNbKXG5d+6vOOO3v1xSUshZ1ogqTVsbIcu5xD2nvbNCikkYt9BrA4yqy1ueITmlLDSDYF6Fy4PZysM2AnSUU0te8dGVyc+X8Mfe4N8+jnenu6r77zROA+dec1cHg0WK4OnqWEYvWjkvZLK1y91Zz17SP1DiPe6RPQBwnX+dmHdRbSzdShnfB27q+zE145yn/wobt3/Hw9CqZwrwUhKesDyoobcXDXR5Vm9xDsBKQ6isN6/zK0cdqNgbPUflIjx2m5OloWVPzUMo2Bf7SAJXECMUmOQbfmiWK3cC04kyU3HjGc902QntVz60iMeLI/BoRalvWoRjnVor63hN/wJFUJ/rFAj/pinq0zdgSjfEqwAek6AP+JcJ5aOm872DNAi32wHoLlT1/BD1yjL2WJRugujSfacFfwBh1X5gNLzrRiEi55wd6LPtF9VQcNTFY67YekR8kxZ5Rz3HrjnR7IZJS//WsOY64hF+F1NN8RaDYBUKU0=
.cddtsecure.com/ Name: gdm_uid_v2_1_001
Value: 5nyPeNHEKpvNhtOINtSbbXPu44eHkvCRkFJlbc24w+FCuWgYWqb6jXJ3kQlhsKkj
.cddtsecure.com/ Name: gdm_click_freq_v1_1_001
Value: H9VE5TFJkUlW96mXbyUSRweC+ZWNH75zYH1/ZskGDqlo1bwTsSRokS4uMUpjvjku
.cddtsecure.com/ Name: gdm_sid_v2_3_001
Value: nchUkl48NcyvvZcSpXC6QroWjAlH3tPRiEz7c9M6a3zZdFd+vAQfQst5KFFQdOSLmJh5AYS/sVLyNC6ux8gQ3nFXyezHD6lmeNRgJ9rAiOdmzQ8NqQXSVWvT/Bbrhln6xKGubdnZ2w3aMvkW/1j33jLTH6sKplSr7mRy0ImcGs0yxj++Q8QBW4SGZg73APSuGRpJ98CLRIKhCrfBuV6yd6DTFgVYTMRpkxUcUWJAwnzRaItj2FEa1gFL4IsFyMEdnA5fh+cuf96uUd2aNO7y7U+EybfCK3/IG7uRshJU5RqAAyld3d79q2QhG2BdtqcvgtkSRqeMiuhQBZf1Pk8EWLAJ0M+bZb1csGgHC60nPDycfhwVNtpgM6L2qxJEFvBOISaPPLRZvllx1FlU3WaMCOReNZVguHHkO2ofXYmjQqoem+fl4y+58OzOnF9MIteM/UlwJTTcO0DJYiYOMeyWTFrYMyL7rn9qSZC89+Rq0b7pgxBwBPLA7d91wqY8QKhKZS39c35hc5zRZsP0Jf0cHDAu6grU4M/pA3YY2GstnwV1zvastf5uaQAathBwXkXatI36A3MOBPJFvCV6l/nN7Ov/zo86v1hc0yuk04N3pCJWtYObwHON5d4ODbsWwMvtxAbcRpVJAbMKNuhSUCWgY0ZnyXcynA42xiPIkafc9fETTI6A471dyTLxHYuDaCQdWFoyQCnYo/h06q9nNLOFE9F4XrrUfTEUYvF+PI3iu66G/9V8H0qjIzHHk3XeSReNbKXG5d+6vOOO3v1xSUshZ1ogqTVsbIcu5xD2nvbNCikkYt9BrA4yqy1ueITmlLDSDYF6Fy4PZysM2AnSUU0te8dGVyc+X8Mfe4N8+jnenu6r77zROA+dec1cHg0WK4OnqWEYvWjkvZLK1y91Zz17SP1DiPe6RPQBwnX+dmHdRbSzdShnfB27q+zE145yn/wobt3/Hw9CqZwrwUhKesDyoobcXDXR5Vm9xDsBKQ6isN6/zK0cdqNgbPUflIjx2m5OloWVPzUMo2Bf7SAJXECMUmOQbfmiWK3cC04kyU3HjGc902QntVz60iMeLI/BoRalvWoRjnVor63hN/wJFUJ/rFAj/pinq0zdgSjfEqwAek6AP+JcJ5aOm872DNAi32wHoLlT1/BD1yjL2WJRugujSfacFfwBh1X5gNLzrRiEi55wd6LPtF9VQcNTFY67YekR8kxZ5Rz3HrjnR7IZJS//WsOY64hF+F1NN8RaDYBUKU0=
.cddtsecure.com/ Name: gdm_uid_v1_1_001
Value: 5nyPeNHEKpvNhtOINtSbbXPu44eHkvCRkFJlbc24w+FCuWgYWqb6jXJ3kQlhsKkj
ec.editmysite.com/ Name: sp
Value: e25cf852-5918-45d0-a240-68f17dcb324c
.topsolutions.rdtk.io/ Name: redcmps
Value: W3siaWQiOiI2NTJhN2E5YmM0OTY1YjAwMDE1ODA5OWQiLCJ0IjoiMjAyNC0wMi0wNlQwMDoxMTo0MS40MTYyNDgzNzhaIn1d
.topsolutions.rdtk.io/ Name: redhash
Value: NjVjMTc5M2RkYzQ1MGQwMDAxZGE5MjAzfDB8NjUyYTdhOWJjNDk2NWIwMDAxNTgwOTlkfHw4NjU2MzZjNy1kNjI2LTQ0ZTItODE0NC1lMjg1MTg2NGVkNWF8MTcwNzE3ODMwMQ==
getnindscompany.com/ Name: session
Value: Lf1nONw9U392yJun2rtub_AGTys0xJZW
.getnindscompany.com/ Name: _ht_v
Value: 1707178302.2103950405
.getnindscompany.com/ Name: _ht_s
Value: 1707178302.2

2 Console Messages

Source Level URL
Text
rendering warning URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html(Line 12)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other warning URL: https://bestdup394.weebly.com/spooky-spins-slot-machine-for-sale.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
ajax.googleapis.com
basati.info
bestdup394.weebly.com
cddtsecure.com
cdn.ocmtag.com
cdn2.editmysite.com
ec.editmysite.com
fonts.googleapis.com
fonts.gstatic.com
getnindscompany.com
qpdownload.com
sdk.ocmhood.com
ssl.google-analytics.com
t.ocmhood.com
topsolutions.rdtk.io
www.qpdownload.com
108.62.123.181
199.34.228.53
2600:1f18:66d3:cb10:a2ea:be15:169b:a23a
2606:4700:20::681a:7e4
2606:4700:3030::6815:cef
2606:4700:3030::ac43:d45a
2606:4700:3032::6815:26ed
2606:4700:3037::ac43:84bf
2606:4700:3037::ac43:dac4
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::2008
2a04:4e42:400::302
35.161.243.72
0d377c8ae9037563e7a8cef29248cf0ef46956ee2290d07fa87e2e4cfb7d0fc3
119e44b6b6bb5fdc752858affe9b63d609845e29ab331a32d0aba1cd5b5ca19f
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6
25eb7d0f88522e9f3f9f3bf5c727d4eb571e055113f7cc8be11629f0206e8f0e
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
95cd70c54187f2f0b319907a3e3bd5439f135733245232254f1cef0dae135582
9defa20c31329307a91312e3491430ae66b53c690f520b5889ea74658d557a98
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
a76e503d969fc9738f1f292994e535567efdbf22e8a3f14d3220ef78700f5b4f
b07a73d88dfb7b8377c080deca3b721bd5807abeb5edf396b02921471209f966
b5ce00f14b0c61f88c4af4661466cbecab587fba6bf51801b074976db7bc307a
ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
d6b70a5530d72de899d87ef0c8f2354115e574dbf71fc8e884de67319b5b461c
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96
e11f0f7e861fa90b5bf67118f11e114bfb7afe67db55089341f2563b22b5a08f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2