urlscan.io logo urlscan.io
SecurityTrails logo

www.samsung-win.cf Open in urlscan Pro
2a00:1450:4001:820::2013  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://www.samsung-win.cf/
Submission: On September 06 via manual from EG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 45 HTTP transactions. The main IP is 2a00:1450:4001:820::2013, located in Ireland and belongs to GOOGLE - Google Inc., US. The main domain is www.samsung-win.cf.
This is the only time www.samsung-win.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 151.101.112.193 54113 (FASTLY)
1 163.172.224.34 12876 (AS12876)
1 146.185.16.146 ()
1 67.202.94.93 32748 (STEADFAST)
1 107.182.231.45 32780 (HOSTINGSE...)
1 104.16.88.26 13335 (CLOUDFLAR...)
1 208.100.17.185 32748 (STEADFAST)
1 208.100.17.190 32748 (STEADFAST)
1 52.17.201.199 16509 (AMAZON-02)
1 35.156.247.14 16509 (AMAZON-02)
45 14
3    2a00:1450:4001:820::2013 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.samsung-win.cf
6    2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
pagead2.googlesyndication.com
1    2a00:1450:4001:819::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
ajax.googleapis.com
20    151.101.112.193 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
i.imgur.com
1    163.172.224.34 (United Kingdom)

ASN12876 (AS12876, FR)
PTR: cdn04.top4top.net
d.top4top.net
1    146.185.16.146 (United Kingdom)

ASN- ()
PTR: 92b91092.rdns.100tb.com
widgets.amung.us
1    67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us
whos.amung.us
1    107.182.231.45 (New York, United States)

ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US)
PTR: 6bb6e72d.setaptr.net
t.dtscout.com
1    104.16.88.26 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
cdn.tynt.com
1    208.100.17.185 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip185.208-100-17.static.steadfastdns.net
ic.tynt.com
1    208.100.17.190 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip190.208-100-17.static.steadfastdns.net
de.tynt.com
1    52.17.201.199 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-201-199.eu-west-1.compute.amazonaws.com
s.cpx.to
1    35.156.247.14 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-247-14.eu-central-1.compute.amazonaws.com
ps.eyeota.net
Domain Requested by
20 i.imgur.com www.samsung-win.cf
6 pagead2.googlesyndication.com www.samsung-win.cf
pagead2.googlesyndication.com
3 www.samsung-win.cf www.samsung-win.cf
ajax.googleapis.com
1 ps.eyeota.net www.samsung-win.cf
1 s.cpx.to www.samsung-win.cf
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com www.samsung-win.cf
1 cdn.tynt.com widgets.amung.us
1 t.dtscout.com widgets.amung.us
t.dtscout.com
1 whos.amung.us widgets.amung.us
1 widgets.amung.us www.samsung-win.cf
1 d.top4top.net www.samsung-win.cf
1 ajax.googleapis.com www.samsung-win.cf
0 tags.bluekai.com Failed www.samsung-win.cf
0 googleads.g.doubleclick.net Failed pagead2.googlesyndication.com
45 15

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G2		 2017-08-15 -
2017-11-07		 3 months crt.sh
*.top4top.net
AlphaSSL CA - SHA256 - G2		 2017-03-03 -
2018-03-04		 a year crt.sh
*.googleusercontent.com
Google Internet Authority G2		 2017-08-15 -
2017-11-07		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://www.samsung-win.cf/
Frame ID: 5217.1
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170903/r20170110/zrt_lookup.html
Frame ID: 5217.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Frame ID: 5217.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=712277510&adf=536986986&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504660631830&bpp=8&bdt=124&fdt=10&idt=105&shv=r20170903&cbv=r20170110&saldr=aa&correlator=8041519481237&frm=20&ga_vid=270866538.1504660632&ga_sid=1504660632&ga_hid=1842833145&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=633&ady=481&biw=1585&bih=1200&abxe=1&eid=21060946%2C575144605%2C21060715&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=KNTyEHR8Rc&p=http%3A//www.samsung-win.cf&dtd=125
Frame ID: 5217.6
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Frame ID: 5217.4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=1935187563&adf=2509594431&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504660631841&bpp=8&bdt=134&fdt=133&idt=161&shv=r20170903&cbv=r20170110&saldr=aa&prev_fmts=320x100&correlator=8041519481237&frm=20&ga_vid=270866538.1504660632&ga_sid=1504660632&ga_hid=1842833145&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060946%2C575144605%2C21060715&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&xpc=p99Ut65iIt&p=http%3A//www.samsung-win.cf&dtd=176
Frame ID: 5217.8
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Frame ID: 5217.5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=300x250&output=html&h=250&slotname=2589151403&adk=4092676222&adf=120180925&w=300&lmt=1504616830&avail_w=0&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504660631849&bpp=5&bdt=143&fdt=187&idt=190&shv=r20170903&cbv=r20170110&saldr=aa&prev_fmts=320x100%2C320x100&correlator=8041519481237&frm=20&ga_vid=270866538.1504660632&ga_sid=1504660632&ga_hid=1842833145&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060946%2C575144605%2C21060715&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&xpc=9yvD60NaKa&p=http%3A//www.samsung-win.cf&dtd=196
Frame ID: 5217.11
Requests: 1 HTTP requests in this frame

Frame: http://t.dtscout.com/idg/
Frame ID: 5217.13
Requests: 1 HTTP requests in this frame

Frame: http://tags.bluekai.com/site/27519?dt=0&r=323396809&sig=3879212028&bkca=KJpnEnaNpQlN2z7JnxFhuF4m5Qym5Ew/B7j1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p1y1pR0BExy19R/QuqQ==
Frame ID: 5217.14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

45
Requests

9 %
HTTPS

23 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

900 kB
Transfer

2083 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 3
  • https://goo.gl/ff5zxs
  • http://i.imgur.com/2hSYpor.png
Request 4
  • https://goo.gl/J9pKy4
  • http://i.imgur.com/rxS2c2N.png
Request 5
  • https://goo.gl/ic3LM2
  • http://i.imgur.com/7EAMOA7.png
Request 6
  • https://goo.gl/WZjM3w
  • http://i.imgur.com/spGA3He.png
Request 7
  • https://goo.gl/6SASqC
  • http://i.imgur.com/spGA3He.png
Request 8
  • https://goo.gl/aetBW2
  • http://i.imgur.com/i4Ck6Ie.png
Request 9
  • https://goo.gl/Lq3r8x
  • http://i.imgur.com/i4Ck6Ie.png
Request 10
  • https://goo.gl/wmoUay
  • http://i.imgur.com/9pS6R1R.png
Request 11
  • https://goo.gl/pimNny
  • http://i.imgur.com/BKktPoj.png
Request 12
  • https://goo.gl/fECa1R
  • http://i.imgur.com/c5HdvnQ.png
Request 14
  • https://goo.gl/L1BmEk
  • http://i.imgur.com/6Zm3NaT.jpg
Request 15
  • https://goo.gl/YUbhqu
  • http://i.imgur.com/9N0nto9.jpg
Request 16
  • https://goo.gl/93P9ZT
  • http://i.imgur.com/1j6Qyb1.jpg
Request 17
  • https://goo.gl/Nyxzk2
  • http://i.imgur.com/oZcfUDK.jpg
Request 18
  • https://goo.gl/2Cx1M5
  • http://i.imgur.com/Z6366YV.jpg
Request 19
  • https://goo.gl/xUoFBZ
  • http://i.imgur.com/tfeo3eI.jpg
Request 20
  • https://goo.gl/6zj9UU
  • http://i.imgur.com/YXFLpVc.jpg
Request 21
  • https://goo.gl/2nN1eG
  • http://i.imgur.com/wbHKL3D.png
Request 22
  • https://goo.gl/juV2BW
  • http://i.imgur.com/BLMmsTj.png
Request 23
  • https://goo.gl/R1WFH3
  • http://i.imgur.com/u2NBJuc.png
Request 47
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=180457973637130701
Request 48
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEHsO2qPh4fozNUTcsBjHCrw&google_cver=1
Request 49
  • http://tags.bluekai.com/site/27519?id=CmUMLlmvTJgKkASUF0k3Ag%3D%3D&ret=html&random=1504660632510
  • http://tags.bluekai.com/site/27519?dt=0&r=323396809&sig=3879212028&bkca=KJpnEnaNpQlN2z7JnxFhuF4m5Qym5Ew/B7j1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p1y1pR0BExy19R/QuqQ==

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.samsung-win.cf/ 		530 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2013 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
GSE /
Resource Hash
06b691ab1a253bbe2311a847bf076597919fed9665c14cb5225052d23f80960e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Sep 2017 13:07:10 GMT
Server
GSE
ETag
W/"71aa94d8ff1361112d944ac6456bbaec28fbc124e0c378167e64fe45caaf26c0"
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0
Content-Length
19888
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Sep 2017 01:17:11 GMT
cookiechoices.js
www.samsung-win.cf/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.samsung-win.cf/js/cookiechoices.js
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2013 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 04 Sep 2017 12:26:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Mar 2017 02:50:03 GMT
Server
sffe
Age
132668
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
1949
X-XSS-Protection
1; mode=block
Expires
Mon, 11 Sep 2017 12:26:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
3c352322b2e0ba7b1fdc335fd29873e6d56f3ec76c908b72c290e80a4d69384c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 00:25:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
3114
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
16948501285794676974
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
23309
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Sep 2017 01:25:17 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 07 Aug 2017 18:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2528333
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
19926
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Aug 2018 18:58:18 GMT
2hSYpor.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/ff5zxs
  • http://i.imgur.com/2hSYpor.png
 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/2hSYpor.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9a101fd378fccc1815eac7ebb2de9bc3df5b8399346a248face246615711e945

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
1064994
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2666
X-Served-By
cache-iad2132-IAD, cache-hhn1546-HHN
Last-Modified
Thu, 24 Aug 2017 17:27:16 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.824361,VS0,VE0
ETag
"bba0327bb50db943361eee6de9e41d4f"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
9bd68c9ff2ad178c8a2f431c44319125ee598d89a8b5752f1e39800029a396a6
Accept-Ranges
bytes
X-Cache-Hits
1, 104

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/2hSYpor.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
rxS2c2N.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/J9pKy4
  • http://i.imgur.com/rxS2c2N.png
 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/rxS2c2N.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ada24a7e52507ecf7d4c8ceaf526d1701f022b445db016284508aa80d0e2475c

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
988059
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
14782
X-Served-By
cache-iad2120-IAD, cache-hhn1533-HHN
Last-Modified
Fri, 25 Aug 2017 14:49:31 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.824117,VS0,VE0
ETag
"007cab9d53364fa4350a5e30fd222b8f"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
c4ec5fe428f452d1b2c5a60f79cae0e58925e67cf1304734378d573276b91205
Accept-Ranges
bytes
X-Cache-Hits
1, 49

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/rxS2c2N.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
7EAMOA7.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/ic3LM2
  • http://i.imgur.com/7EAMOA7.png
 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/7EAMOA7.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d6125f49e92dabffb7bb6387d7fb4c1f75d67bd47cdce8d18631f110758f6542

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
987282
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
184086
X-Served-By
cache-iad2136-IAD, cache-hhn1541-HHN
Last-Modified
Fri, 25 Aug 2017 15:02:30 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.828184,VS0,VE0
ETag
"0881018728023dab14aa1ea2c8f1bce3"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
1cc033d70c9e1d64ed30f8d4d3f1792d76f141f7035c701dac40e48f60f8c48d
Accept-Ranges
bytes
X-Cache-Hits
1, 2

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/7EAMOA7.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
spGA3He.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/WZjM3w
  • http://i.imgur.com/spGA3He.png
 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/spGA3He.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1cf0c4201b698d147df2a6f1fe737853f5d79fdf17fe1767b0a2625f27d2e9ab

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
985448
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
20233
X-Served-By
cache-iad2122-IAD, cache-hhn1524-HHN
Last-Modified
Fri, 25 Aug 2017 15:33:03 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.825374,VS0,VE0
ETag
"4bfa01837696d5f8557a821b1a15a90f"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
6cc2d44ccf1bcafb2f708f16e0698469bf0f1e692556ad3ab937aa1c617052a8
Accept-Ranges
bytes
X-Cache-Hits
1, 128

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/spGA3He.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
spGA3He.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/6SASqC
  • http://i.imgur.com/spGA3He.png
 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/spGA3He.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1cf0c4201b698d147df2a6f1fe737853f5d79fdf17fe1767b0a2625f27d2e9ab

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
985448
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
20233
X-Served-By
cache-iad2122-IAD, cache-hhn1531-HHN
Last-Modified
Fri, 25 Aug 2017 15:33:03 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.820656,VS0,VE0
ETag
"4bfa01837696d5f8557a821b1a15a90f"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
6cc2d44ccf1bcafb2f708f16e0698469bf0f1e692556ad3ab937aa1c617052a8
Accept-Ranges
bytes
X-Cache-Hits
1, 164

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/spGA3He.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
i4Ck6Ie.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/aetBW2
  • http://i.imgur.com/i4Ck6Ie.png
 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/i4Ck6Ie.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8f3e43d75063146947e106ce3b22b7a7084b718cfda13168979736efb7e9fb94

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
985394
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
19454
X-Served-By
cache-iad2123-IAD, cache-hhn1522-HHN
Last-Modified
Fri, 25 Aug 2017 15:33:56 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.827802,VS0,VE0
ETag
"c977d5b6c8539b54a6df87059ddcf3ed"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
80953a19c8a54e3161a9c4cae0495b4e466fde6cc9384ba91b5b7ff24fb8c149
Accept-Ranges
bytes
X-Cache-Hits
1, 98

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/i4Ck6Ie.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
180
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
i4Ck6Ie.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/Lq3r8x
  • http://i.imgur.com/i4Ck6Ie.png
 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/i4Ck6Ie.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8f3e43d75063146947e106ce3b22b7a7084b718cfda13168979736efb7e9fb94

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
985394
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
19454
X-Served-By
cache-iad2123-IAD, cache-hhn1533-HHN
Last-Modified
Fri, 25 Aug 2017 15:33:56 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.922456,VS0,VE0
ETag
"c977d5b6c8539b54a6df87059ddcf3ed"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
80953a19c8a54e3161a9c4cae0495b4e466fde6cc9384ba91b5b7ff24fb8c149
Accept-Ranges
bytes
X-Cache-Hits
1, 117

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/i4Ck6Ie.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
180
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
9pS6R1R.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/wmoUay
  • http://i.imgur.com/9pS6R1R.png
 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/9pS6R1R.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
17673d312c43c6082ff929e1d4c3d5c84ffd25bfa55824cf17c3fd11fa3aca8a

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
1061367
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3489
X-Served-By
cache-iad2149-IAD, cache-hhn1533-HHN
Last-Modified
Thu, 24 Aug 2017 18:27:43 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.867598,VS0,VE0
ETag
"7bdb8750d13dba0106f3c827fe0f0234"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
7809b4c4bced6043132cf92e90a7ccf7d8d4644c8b33c6a5992485c24c93303b
Accept-Ranges
bytes
X-Cache-Hits
1, 56

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/9pS6R1R.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
179
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
BKktPoj.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/pimNny
  • http://i.imgur.com/BKktPoj.png
 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/BKktPoj.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
17673d312c43c6082ff929e1d4c3d5c84ffd25bfa55824cf17c3fd11fa3aca8a

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
970356
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3489
X-Served-By
cache-iad2132-IAD, cache-hhn1524-HHN
Last-Modified
Fri, 25 Aug 2017 19:44:35 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.923777,VS0,VE0
ETag
"7bdb8750d13dba0106f3c827fe0f0234"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
561a61ccf26e7dbf8d3a16442cce6059a01cc5753b640801a752a061c5ff35e9
Accept-Ranges
bytes
X-Cache-Hits
1, 50

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/BKktPoj.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
c5HdvnQ.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/fECa1R
  • http://i.imgur.com/c5HdvnQ.png
 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/c5HdvnQ.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
17a22058a900c77b5b18e11851140d7cda3f2b2ba3de29dab5657e6b70b643ae

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
1055190
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
4147
X-Served-By
cache-iad2121-IAD, cache-hhn1546-HHN
Last-Modified
Thu, 24 Aug 2017 20:10:41 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.922243,VS0,VE0
ETag
"768b320b5c3724c062db790279495045"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
1265de99218a73ba06c31b60a9bda2acb19561450da83f965c08665fd415d8fb
Accept-Ranges
bytes
X-Cache-Hits
1, 105

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/c5HdvnQ.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
179
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m_6029mzr71.mp3
d.top4top.net/ 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://d.top4top.net/m_6029mzr71.mp3
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.34 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
cdn04.top4top.net
Software
HotCores /
Resource Hash
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://www.samsung-win.cf/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

X-File-ID
x19240179x
Date
Wed, 06 Sep 2017 01:17:11 GMT
Last-Modified
Fri, 25 Aug 2017 19:21:10 GMT
Server
HotCores
ETag
"59a078a6-1a38"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
audio/mpeg
Content-Range
bytes 0-6711/6712
Cache-Control
max-age=7200
Content-Disposition
inline; filename="alert6.mp3"
Connection
close
Content-Length
6712
Expires
Wed, 06 Sep 2017 03:17:11 GMT
6Zm3NaT.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/L1BmEk
  • http://i.imgur.com/6Zm3NaT.jpg
 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/6Zm3NaT.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4e9b228e30033ea5230099643de3964a18904e6f31c389bdf8891eb453887e89

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
983867
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
9401
X-Served-By
cache-iad2125-IAD, cache-hhn1541-HHN
Last-Modified
Fri, 25 Aug 2017 15:59:24 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.875929,VS0,VE0
ETag
"f55ad884e471aab0681c45df60571bc5"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
a252387e9351f352506bec23d8a3a6d565bf20724678a975687f7e181568b5f8
Accept-Ranges
bytes
X-Cache-Hits
1, 115

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/6Zm3NaT.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
180
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
9N0nto9.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/YUbhqu
  • http://i.imgur.com/9N0nto9.jpg
 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/9N0nto9.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
11a667973b7b79e7ec72619982ceabcf31801b5b58e8eb697f634a615bed0971

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
975370
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
7140
X-Served-By
cache-iad2124-IAD, cache-hhn1533-HHN
Last-Modified
Fri, 25 Aug 2017 18:21:01 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.876338,VS0,VE0
ETag
"18542a9c1da0b84f36c05c3553bd1986"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
3553abe5403c87c71be0891b9c0f3389c17342d5178f0fcfc4a2bbf6eef0829d
Accept-Ranges
bytes
X-Cache-Hits
1, 78

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/9N0nto9.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
1j6Qyb1.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/93P9ZT
  • http://i.imgur.com/1j6Qyb1.jpg
 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/1j6Qyb1.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7bbb5f7e5c12de7a45632603c5a0529cef2e3ef54903784841b0fee5c597a1c9

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
974716
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
50274
X-Served-By
cache-iad2132-IAD, cache-hhn1524-HHN
Last-Modified
Fri, 25 Aug 2017 18:31:55 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.877792,VS0,VE0
ETag
"e76c316163e36ef15c11d6afd571244c"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
3494fc0b4bdd89e0c63f4f24b435325ffb1806a690159da7fb143fa135c8f550
Accept-Ranges
bytes
X-Cache-Hits
1, 64

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/1j6Qyb1.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
180
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
oZcfUDK.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/Nyxzk2
  • http://i.imgur.com/oZcfUDK.jpg
 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/oZcfUDK.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b99fde94a3e70370984f14cf7602e185290a42e5078ed07b15a41f54f0da5b68

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
974940
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
25808
X-Served-By
cache-iad2148-IAD, cache-hhn1541-HHN
Last-Modified
Fri, 25 Aug 2017 18:28:10 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.869904,VS0,VE0
ETag
"b9e114e2e5cae5fe6662c1f1e39357bb"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
1a6359a3342c18a93236a7ce098a486f6e965738401f9d6d51545ecb1f86e707
Accept-Ranges
bytes
X-Cache-Hits
1, 89

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/oZcfUDK.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
179
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
Z6366YV.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/2Cx1M5
  • http://i.imgur.com/Z6366YV.jpg
 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/Z6366YV.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
bb80d1d0f0850fc979e8d1a7dcf2083348ab19bf7add33b47f964cf84c565eb5

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
974498
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
149025
X-Served-By
cache-iad2150-IAD, cache-hhn1522-HHN
Last-Modified
Fri, 25 Aug 2017 18:35:33 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.867678,VS0,VE0
ETag
"4d2ff94f3ecd23d56ea53c9be08b3415"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
a378782c9aa8b7086b455f1d95621b74cb06ecf7219da74cc077eb543dfd173d
Accept-Ranges
bytes
X-Cache-Hits
1, 20536

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/Z6366YV.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
180
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
tfeo3eI.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/xUoFBZ
  • http://i.imgur.com/tfeo3eI.jpg
 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/tfeo3eI.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5631a7b66f3855bf88b20cf36fd3290f5b3b64dc1812df8dd4b39696b4977af5

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
974679
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27687
X-Served-By
cache-iad2143-IAD, cache-hhn1524-HHN
Last-Modified
Fri, 25 Aug 2017 18:32:33 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.868556,VS0,VE0
ETag
"e57351f93551fe25de7565b0c5cafb2d"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
2fe9103424bc1c6757379c9fc1d7b3ecef83fdc192d5a5ba892e451d6d8bff7a
Accept-Ranges
bytes
X-Cache-Hits
1, 2451

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/tfeo3eI.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
YXFLpVc.jpg
i.imgur.com/
Redirect Chain
  • https://goo.gl/6zj9UU
  • http://i.imgur.com/YXFLpVc.jpg
 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/YXFLpVc.jpg
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
14ae7e3f5b01287d78a2b6518d7263117a5f07a3edb6d5c251741e00efd3f99f

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
974563
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
82891
X-Served-By
cache-iad2127-IAD, cache-hhn1546-HHN
Last-Modified
Fri, 25 Aug 2017 18:34:26 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.867535,VS0,VE0
ETag
"b75f0e1edfc9f4f692d1422cc8ece689"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
a3dab6a8eea64915279e4f38396c6e7cbb9e1f6656533f3e1b294fce16998b44
Accept-Ranges
bytes
X-Cache-Hits
1, 111

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/YXFLpVc.jpg
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
wbHKL3D.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/2nN1eG
  • http://i.imgur.com/wbHKL3D.png
 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/wbHKL3D.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2981226953e7a2298040b6737cca253d7773ea34d515dad26312a2ae26da5d19

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
982788
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
54098
X-Served-By
cache-iad2130-IAD, cache-hhn1531-HHN
Last-Modified
Fri, 25 Aug 2017 16:17:22 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.863125,VS0,VE0
ETag
"e9a80ae79445a108c96970b0447017a1"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
d9cf1c0906ff6c1e889dd1ed89ba06de7e7bd3fc8bc91f48d76c7b942e9cedc0
Accept-Ranges
bytes
X-Cache-Hits
1, 54

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/wbHKL3D.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
179
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
BLMmsTj.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/juV2BW
  • http://i.imgur.com/BLMmsTj.png
 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/BLMmsTj.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
31937a0b9cc495127dbf3f123a5da000e8cdcbe8a8449def2ca188939f0391be

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
1047138
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
37109
X-Served-By
cache-iad2148-IAD, cache-hhn1541-HHN
Last-Modified
Thu, 24 Aug 2017 22:24:54 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.926524,VS0,VE0
ETag
"ab0d577fbdf72d665e4d89129aaece1f"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
ae265d4f1642f102a6e7e6c607c2b91f666ffef37e79a0133dd65af31dd17326
Accept-Ranges
bytes
X-Cache-Hits
1, 4224

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/BLMmsTj.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
u2NBJuc.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/R1WFH3
  • http://i.imgur.com/u2NBJuc.png
 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/u2NBJuc.png
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ad9d9e28cc93b3885b6f70f9de27fb72fe31c5637376561e2b52a84c41367d17

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Age
1034231
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2414
X-Served-By
cache-iad2149-IAD, cache-hhn1522-HHN
Last-Modified
Fri, 25 Aug 2017 02:00:01 GMT
Server
cat factory 1.0
cache-control
public, max-age=31536000
X-Timer
S1504660632.923891,VS0,VE0
ETag
"6d88f383324c43f67db8e4603f4708e0"
Vary
Accept, Accept
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Fastly-Debug-Digest
7a84e7c339ca8a8fa8dd8423033d3338a26df8a62d9d79c1ecd759d63dfc0680
Accept-Ranges
bytes
X-Cache-Hits
1, 135

Redirect headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
301
date
Wed, 06 Sep 2017 01:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
http://i.imgur.com/u2NBJuc.png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
178
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
small.js
widgets.amung.us/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widgets.amung.us/small.js
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
146.185.16.146 , United Kingdom, ASN (),
Reverse DNS
92b91092.rdns.100tb.com
Software
nginx/1.9.6 /
Resource Hash
f842ce8ba41db6df4166c3fdf5a2a651f2c2a4d9f8cc9ce71e422e3280f7fb0a

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2017 16:37:24 GMT
Server
nginx/1.9.6
ETag
W/"593acec4-1404"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=60
Connection
keep-alive
Expires
Wed, 06 Sep 2017 01:18:11 GMT
/
www.samsung-win.cf/ 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.samsung-win.cf/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2013 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Sep 2017 13:07:10 GMT
Server
GSE
ETag
W/"71aa94d8ff1361112d944ac6456bbaec28fbc124e0c378167e64fe45caaf26c0"
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0
Content-Length
19888
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Sep 2017 01:17:11 GMT
ca-pub-3825056521416531.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3825056521416531.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Tue, 05 Sep 2017 19:40:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Sep 2017 19:38:14 GMT
server
sffe
age
20223
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
125
x-xss-protection
1; mode=block
expires
Wed, 06 Sep 2017 07:40:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170903/r20170110/ Frame 5217 		0
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/ Frame 5217 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
eeac64b202b8f08aa599fb5fb77d9ba9eaeb6afda5d3661a6e997ce077923eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
5887266152604391525
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
70668
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Sep 2017 01:17:11 GMT
/
whos.amung.us/pingjs/ 		32 B
63 B 		Script
General
Check archive.org
Download Go to
Full URL
http://whos.amung.us/pingjs/?k=ct99jul5zg8a&t=Galaxy%20Note8&c=s&y=&a=0&d=0.305&v=22&r=8009
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
6245582872be261fb03617de5f4bc5317deb376e699a542ca4d6c234bc912267

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:12 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
/
t.dtscout.com/i/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Fwww.samsung-win.cf%2F&j=
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
107.182.231.45 New York, United States, ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US),
Reverse DNS
6bb6e72d.setaptr.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d6e74c4be045ab88dcde728952bdb99a1696b752e067be148d37046207c6bd9a

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:12 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Wed, 06 Sep 2017 01:17:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5217 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/ Frame 5217 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
1b47ce4b7dcf16b017db80f3ae85cabbc8b8741177df2b36357df6a71abc7928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 04 Sep 2017 00:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174559
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
28513
x-xss-protection
1; mode=block
server
cafe
etag
7663481575115732412
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Sep 2017 00:47:52 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/ Frame 5217 		189 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
eeac64b202b8f08aa599fb5fb77d9ba9eaeb6afda5d3661a6e997ce077923eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Timing-Allow-Origin
*
Date
Wed, 06 Sep 2017 01:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5887266152604391525
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70668
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Sep 2017 01:17:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5217 		0
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/ Frame 5217 		189 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170903/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
eeac64b202b8f08aa599fb5fb77d9ba9eaeb6afda5d3661a6e997ce077923eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Timing-Allow-Origin
*
Date
Wed, 06 Sep 2017 01:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5887266152604391525
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70668
X-XSS-Protection
1; mode=block
Expires
Wed, 06 Sep 2017 01:17:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5217 		0
0
/
t.dtscout.com/idg/ Frame 5217 		0
0
tc.js
cdn.tynt.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
71b1c640270a746608d4ddf442d39b8483f17fadf627576bf71c46bae8507779

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:12 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 03 Aug 2017 16:21:13 GMT
Server
cloudflare-nginx
ETag
W/"59834d79-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
399d9656807d2750-FRA
Expires
Sat, 09 Sep 2017 01:17:12 GMT
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
p
ic.tynt.com/b/ 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!ct99jul5zg8a&lm=0&ts=1504660632110&dn=TC&iso=0&ct=Samsung%20Galaxy%20Note8&t=Galaxy%20Note8
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
208.100.17.185 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
nginx/1.10.3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:12 GMT
Last-Modified
Fri, 16 Apr 2010 15:38:20 GMT
Server
nginx/1.10.3
ETag
"4bc8846c-23"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
35
Expires
"Sat, 26 Jul 1997 05:00:00 GMT"
v2
de.tynt.com/deb/ 		704 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
http://de.tynt.com/deb/v2?id=w!ct99jul5zg8a&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
a8568eb1ef9d837ed123de14448910794f539c5f7b6d716949d1e0db123cc68d

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:12 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Content-Type
application/javascript
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
704
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=180457973637130701
 		95 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=180457973637130701
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
52.17.201.199 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-201-199.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Sep 2017 01:17:12 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Wed, 06 Sep 2017 01:17:12 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Sep 2017 01:17:14 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.10:80
AN-X-Request-Uuid
34f0e0f9-a845-413c-b57b-d40b03ecdab2
Server
nginx/1.11.5
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=180457973637130701
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEHsO2qPh4fozNUTcsBjHCrw&google_cver=1
 		70 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEHsO2qPh4fozNUTcsBjHCrw&google_cver=1
Requested by
Host: www.samsung-win.cf
URL: http://www.samsung-win.cf/
Protocol
HTTP/1.1
Server
35.156.247.14 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-247-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
http://www.samsung-win.cf/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Wed, 06 Sep 2017 01:17:12 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 06 Sep 2017 01:17:12 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEHsO2qPh4fozNUTcsBjHCrw&google_cver=1
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
310
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
27519
tags.bluekai.com/site/ Frame 5217
Redirect Chain
  • http://tags.bluekai.com/site/27519?id=CmUMLlmvTJgKkASUF0k3Ag%3D%3D&ret=html&random=1504660632510
  • http://tags.bluekai.com/site/27519?dt=0&r=323396809&sig=3879212028&bkca=KJpnEnaNpQlN2z7JnxFhuF4m5Qym5Ew/B7j1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p1y1pR0BExy19R/QuqQ==
 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20170903/r20170110/zrt_lookup.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=712277510&adf=536986986&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504660631830&bpp=8&bdt=124&fdt=10&idt=105&shv=r20170903&cbv=r20170110&saldr=aa&correlator=8041519481237&frm=20&ga_vid=270866538.1504660632&ga_sid=1504660632&ga_hid=1842833145&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=633&ady=481&biw=1585&bih=1200&abxe=1&eid=21060946%2C575144605%2C21060715&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=KNTyEHR8Rc&p=http%3A//www.samsung-win.cf&dtd=125
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=320x100&output=html&h=100&slotname=2894715800&adk=1935187563&adf=2509594431&w=320&lmt=1504616830&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504660631841&bpp=8&bdt=134&fdt=133&idt=161&shv=r20170903&cbv=r20170110&saldr=aa&prev_fmts=320x100&correlator=8041519481237&frm=20&ga_vid=270866538.1504660632&ga_sid=1504660632&ga_hid=1842833145&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060946%2C575144605%2C21060715&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&xpc=p99Ut65iIt&p=http%3A//www.samsung-win.cf&dtd=176
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3825056521416531&format=300x250&output=html&h=250&slotname=2589151403&adk=4092676222&adf=120180925&w=300&lmt=1504616830&avail_w=0&flash=0&url=http%3A%2F%2Fwww.samsung-win.cf%2F&wgl=1&dt=1504660631849&bpp=5&bdt=143&fdt=187&idt=190&shv=r20170903&cbv=r20170110&saldr=aa&prev_fmts=320x100%2C320x100&correlator=8041519481237&frm=20&ga_vid=270866538.1504660632&ga_sid=1504660632&ga_hid=1842833145&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&abxe=1&eid=21060946%2C575144605%2C21060715&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CnepEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&xpc=9yvD60NaKa&p=http%3A//www.samsung-win.cf&dtd=196
Domain
t.dtscout.com
URL
http://t.dtscout.com/idg/
Domain
tags.bluekai.com
URL
http://tags.bluekai.com/site/27519?dt=0&r=323396809&sig=3879212028&bkca=KJpnEnaNpQlN2z7JnxFhuF4m5Qym5Ew/B7j1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BE9h1p1y1pR0BExy19R/QuqQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUklU88pDphZrXzUsrnz-FPhihGgweFi57j32boG6qK1wzAGSPMyCuELeq6S
.bluekai.com/ Name: bku
Value: 4tL99JC1gNkPCeoO
.bluekai.com/ Name: bkdc
Value: iad
.dtscout.com/ Name: l
Value: a7bnLVmvTJi03S2vgZV2Ag==
.dtscout.com/ Name: df
Value: 1504660631
.doubleclick.net/ Name: DSID
Value: NO_DATA
.dtscout.com/ Name: ah
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: d
Value: null
.dtscout.com/ Name: m
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.tynt.com
d.top4top.net
de.tynt.com
googleads.g.doubleclick.net
i.imgur.com
ic.tynt.com
pagead2.googlesyndication.com
ps.eyeota.net
s.cpx.to
t.dtscout.com
tags.bluekai.com
whos.amung.us
widgets.amung.us
www.samsung-win.cf
googleads.g.doubleclick.net
t.dtscout.com
tags.bluekai.com
104.16.88.26
107.182.231.45
146.185.16.146
151.101.112.193
163.172.224.34
208.100.17.185
208.100.17.190
2a00:1450:4001:819::200a
2a00:1450:4001:820::2002
2a00:1450:4001:820::2013
35.156.247.14
52.17.201.199
67.202.94.93
06b691ab1a253bbe2311a847bf076597919fed9665c14cb5225052d23f80960e
11a667973b7b79e7ec72619982ceabcf31801b5b58e8eb697f634a615bed0971
14ae7e3f5b01287d78a2b6518d7263117a5f07a3edb6d5c251741e00efd3f99f
17673d312c43c6082ff929e1d4c3d5c84ffd25bfa55824cf17c3fd11fa3aca8a
17a22058a900c77b5b18e11851140d7cda3f2b2ba3de29dab5657e6b70b643ae
1b47ce4b7dcf16b017db80f3ae85cabbc8b8741177df2b36357df6a71abc7928
1cf0c4201b698d147df2a6f1fe737853f5d79fdf17fe1767b0a2625f27d2e9ab
2981226953e7a2298040b6737cca253d7773ea34d515dad26312a2ae26da5d19
31937a0b9cc495127dbf3f123a5da000e8cdcbe8a8449def2ca188939f0391be
3c352322b2e0ba7b1fdc335fd29873e6d56f3ec76c908b72c290e80a4d69384c
4e9b228e30033ea5230099643de3964a18904e6f31c389bdf8891eb453887e89
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8
5631a7b66f3855bf88b20cf36fd3290f5b3b64dc1812df8dd4b39696b4977af5
6245582872be261fb03617de5f4bc5317deb376e699a542ca4d6c234bc912267
71b1c640270a746608d4ddf442d39b8483f17fadf627576bf71c46bae8507779
7bbb5f7e5c12de7a45632603c5a0529cef2e3ef54903784841b0fee5c597a1c9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f3e43d75063146947e106ce3b22b7a7084b718cfda13168979736efb7e9fb94
9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6
9a101fd378fccc1815eac7ebb2de9bc3df5b8399346a248face246615711e945
a8568eb1ef9d837ed123de14448910794f539c5f7b6d716949d1e0db123cc68d
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
ad9d9e28cc93b3885b6f70f9de27fb72fe31c5637376561e2b52a84c41367d17
ada24a7e52507ecf7d4c8ceaf526d1701f022b445db016284508aa80d0e2475c
b99fde94a3e70370984f14cf7602e185290a42e5078ed07b15a41f54f0da5b68
bb80d1d0f0850fc979e8d1a7dcf2083348ab19bf7add33b47f964cf84c565eb5
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
d6125f49e92dabffb7bb6387d7fb4c1f75d67bd47cdce8d18631f110758f6542
d6e74c4be045ab88dcde728952bdb99a1696b752e067be148d37046207c6bd9a
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeac64b202b8f08aa599fb5fb77d9ba9eaeb6afda5d3661a6e997ce077923eba
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f842ce8ba41db6df4166c3fdf5a2a651f2c2a4d9f8cc9ce71e422e3280f7fb0a