urlscan.io logo urlscan.io
SecurityTrails logo

www6.imaginativenews.xyz Open in urlscan Pro
2606:4700::6812:4495  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsu...
Effective URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsu...
Submission: On August 31 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700::6812:4495, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www6.imaginativenews.xyz.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 4th 2019. Valid for: a year.
This is the only time www6.imaginativenews.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
15 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
16 2
Apex Domain
Subdomains		 Transfer
15 imaginativenews.xyz
www6.imaginativenews.xyz
80 KB
1 googleapis.com
ajax.googleapis.com
30 KB
16 2
Domain Requested by
15 www6.imaginativenews.xyz www6.imaginativenews.xyz
1 ajax.googleapis.com www6.imaginativenews.xyz
16 2

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-07-04 -
2020-07-03		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Frame ID: 694A50EDE95B5FA6ECB5D9C4D4DC16F4
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

110 kB
Transfer

337 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index-2o-gb-assa-k.html
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba69b00b97f7d9447d565653aad1dd8420f10088250e0148616d0b4d6c989ee1

Request headers

:method
GET
:authority
www6.imaginativenews.xyz
:scheme
https
:path
/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Sat, 31 Aug 2019 06:07:30 GMT
content-type
text/html
set-cookie
__cfduid=dc221f02d6a13bd98d182a95169cd69391567231650; expires=Sun, 30-Aug-20 06:07:30 GMT; path=/; domain=.www6.imaginativenews.xyz; HttpOnly
last-modified
Wed, 08 May 2019 10:20:16 GMT
cf-cache-status
HIT
age
215129
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
50ecd3191971cbd0-VIE
content-encoding
br
bootstrap.min.css
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/bootstrap.min.css
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 May 2019 10:23:21 GMT
server
cloudflare
age
61405
etag
W/"5cd2ae19-2268e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
50ecd31959f1cbd0-VIE
expires
Sun, 30 Aug 2020 06:07:30 GMT
style.css
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/style.css
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c21434b0700e6eeaf6d8cba6d24fb5c208bbcbcb9f170535ac22964c2e1481

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
content-encoding
br
cf-cache-status
HIT
age
226883
cf-polished
origSize=6672
status
200
last-modified
Wed, 08 May 2019 10:23:39 GMT
server
cloudflare
etag
W/"5cd2ae2b-1a10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
cf-ray
50ecd31959f5cbd0-VIE
cf-bgj
minify
play56m.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		822 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/play56m.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6eb312f93d9b42a751a5068e2c85a1b2fc94d343892fb67aecef0b74e3a967

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
139717
cf-polished
qual=85, origFmt=jpeg, origSize=1568
status
200
content-disposition
inline; filename="play56m.webp"
content-length
822
last-modified
Wed, 08 May 2019 10:23:33 GMT
server
cloudflare
etag
"5cd2ae25-620"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd31959f6cbd0-VIE
cf-bgj
imgq:85
4.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/4.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59164851f172d942fe04cbd8e1ee7d5ab678ca35d2324762eea420524347a18a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
1862330
cf-polished
qual=85, origFmt=jpeg, origSize=1938
status
200
content-disposition
inline; filename="4.webp"
content-length
1932
last-modified
Wed, 08 May 2019 10:22:56 GMT
server
cloudflare
etag
"5cd2ae00-792"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd31959f8cbd0-VIE
cf-bgj
imgq:85
1.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/1.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c642e02aad4edca9ab3018f5467d4193c747eccffeb7f079f5a01931135e1c09

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
33443
cf-polished
status=not_needed
status
200
content-length
2118
last-modified
Wed, 08 May 2019 10:22:52 GMT
server
cloudflare
etag
"5cd2adfc-846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a6fcbd0-VIE
cf-bgj
imgq:85
2.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/2.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c24c6e3611b6c20a11a04c42a6db631c082b2d03c6e50a300e543b6500fe27f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
207674
cf-polished
status=not_needed
status
200
content-length
2973
last-modified
Wed, 08 May 2019 10:22:53 GMT
server
cloudflare
etag
"5cd2adfd-b9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a71cbd0-VIE
cf-bgj
imgq:85
5.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/5.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66e55e5708711642ea6715f2f7e718680e4121266df3820b147256d29272dbf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
215129
cf-polished
status=not_needed
status
200
content-length
1859
last-modified
Wed, 08 May 2019 10:22:57 GMT
server
cloudflare
etag
"5cd2ae01-743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a73cbd0-VIE
cf-bgj
imgq:85
6.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/6.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25949fb299741d9f9329c059fc6d222d7c6a1f526b80e7b5304fe6b737074bf1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
251541
cf-polished
status=not_needed
status
200
content-length
2282
last-modified
Wed, 08 May 2019 10:22:59 GMT
server
cloudflare
etag
"5cd2ae03-8ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a74cbd0-VIE
cf-bgj
imgq:85
3.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/3.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2f3a64ed58f2768f9a33740dc964609646939a425a404c7d10d5ca09de30c3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
753918
cf-polished
status=not_needed
status
200
content-length
2187
last-modified
Wed, 08 May 2019 10:22:54 GMT
server
cloudflare
etag
"5cd2adfe-88b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a75cbd0-VIE
cf-bgj
imgq:85
7.jpg
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/7.jpg
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83311d0f810a65bdeaf212e52858757efc8adb9c9da23c400d8bcb8d40fb388a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
215885
cf-polished
qual=85, origFmt=jpeg, origSize=1642
status
200
content-disposition
inline; filename="7.webp"
content-length
1610
last-modified
Wed, 08 May 2019 10:23:00 GMT
server
cloudflare
etag
"5cd2ae04-66a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a77cbd0-VIE
cf-bgj
imgq:85
sainsbury1000.png
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/sainsbury1000.png
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03d968e773b75891f302bb45badbcf53bf02eb56577c255fcefe0facc005a6e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=10607
status
200
content-disposition
inline; filename="sainsbury1000.webp"
content-length
9732
last-modified
Wed, 08 May 2019 10:23:38 GMT
server
cloudflare
etag
"5cd2ae2a-296f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a79cbd0-VIE
cf-bgj
imgq:85
asda1000.png
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/asda1000.png
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2adb7645471b39ed039687f12db2e8f24ac443a7607f953d439b069611e876

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
age
155488
cf-polished
origFmt=png, origSize=10426
status
200
content-disposition
inline; filename="asda1000.webp"
content-length
9498
last-modified
Wed, 08 May 2019 10:23:20 GMT
server
cloudflare
etag
"5cd2ae18-28ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
50ecd3198a7acbd0-VIE
cf-bgj
imgq:85
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 10:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416413
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30399
x-xss-protection
0
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Aug 2020 10:27:17 GMT
bootstrap.js
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/bootstrap.js
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3bd598c9d500a0a57f7692fd2482b2b4ce7bca8e53160da0329bed14caeee35

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
content-encoding
br
cf-cache-status
HIT
age
766966
cf-polished
origSize=51039
status
200
last-modified
Wed, 08 May 2019 10:23:22 GMT
server
cloudflare
etag
W/"5cd2ae1a-c75f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Sun, 30 Aug 2020 06:07:30 GMT
cache-control
public, max-age=31536000
cf-ray
50ecd3197a55cbd0-VIE
cf-bgj
minify
alert6.mp3
www6.imaginativenews.xyz/claim/ytvtcl-comp/ 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/alert6.mp3
Requested by
Host: www6.imaginativenews.xyz
URL: https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4495 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www6.imaginativenews.xyz/claim/ytvtcl-comp/index-2o-gb-assa-k.html?region=Slough&td=www.anniethefantastic.com&brand=Samsung&model=Galaxy%20S10&cep=HNW_0faIvuFh2luZfY0bl5QigDZZG-I3kN-E0UwuKX4Ej6H5m1ZCA9f3zW56iOgYiD5wN0bL2SwOK-BWm8J9WUktwTSPBxvVc4LK7pbdSUK5y2ak3Bmy8h-wKDcZHAAU-s-vFH8DUqcSUd9amQCok-UON8Sji3z3WCSN915BajBDOnnXNSuieAZ7YuAAsqEGUXbj3um0RtAwfjm88cALVxAUwW9JMgTuxSKt6OQkC__ym-WDUn1mggOY0S1zddrtQzzW4fVHkViArp6ZPt6vSVEzM9ibRpEu3yqh0-YazgFFyPWGsh7z8B4Km0sCvF0awe3caVQATD70Q0Ao4L43pwbuaDGwLzl6pRKRi-kChQ4&lptoken=15c367aa23fa33b4793e&2=4400&3=4400-3a255882&1=6731208372802027657
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 31 Aug 2019 06:07:30 GMT
cf-cache-status
HIT
last-modified
Wed, 08 May 2019 10:23:18 GMT
server
cloudflare
age
235460
status
206
etag
"5cd2ae16-1a38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
audio/mpeg
Content-Range
bytes 0-6711/6712
cache-control
public, max-age=31536000
cf-ray
50ecd319baebcbd0-VIE
Content-Length
6712
expires
Sun, 30 Aug 2020 06:07:30 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| contains function| getURLParameter object| d object| weekday number| month object| mydate number| year number| day number| daym object| dayarray object| montharray function| $ function| jQuery object| bootstrap function| exit_a1 function| exit_a2

1 Cookies

Domain/Path Name / Value
.www6.imaginativenews.xyz/ Name: __cfduid
Value: dc221f02d6a13bd98d182a95169cd69391567231650