www.iqplaywin.com Open in urlscan Pro
35.244.205.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goodchoes.host/divo/Warszawa.php?=delfin_exchange%40kruksa.pl
Effective URL:
https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub...
Submission: On December 13 via api (December 13th 2019, 9:25:07 am UTC) from US

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 17 domains to perform 54 HTTP transactions. The main IP is 35.244.205.206, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is www.iqplaywin.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2019. Valid for: 3 months.

This is the only time www.iqplaywin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	23.95.97.53 23.95.97.53	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 2	2a05:d018:483... 2a05:d018:483:6130:7095:9e50:e827:1089	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a05:d018:483... 2a05:d018:483:6130:3c15:3fed:823c:bf5d	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.200.87.201 54.200.87.201	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
23	35.244.205.206 35.244.205.206	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	35.244.175.13 35.244.175.13	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.217.10.198 52.217.10.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
54	15

2 23.95.97.53 (Buffalo, United States) 2 redirects

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-97-53-host.colocrossing.com

goodchoes.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forwardtoo.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:483:6130:7095:9e50:e827:1089 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cd-down.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6130:3c15:3fed:823c:bf5d (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.87.201 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-200-87-201.us-west-2.compute.amazonaws.com

www.24t7.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 35.244.205.206 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 206.205.244.35.bc.googleusercontent.com

www.iqplaywin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.175.13 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 13.175.244.35.bc.googleusercontent.com

srv.ibraincollege.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.10.198 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

image.blingee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	iqplaywin.com www.iqplaywin.com	554 KB
10	googleapis.com fonts.googleapis.com ajax.googleapis.com	79 KB
4	ibraincollege.com srv.ibraincollege.com	674 B
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	36 KB
2	facebook.com www.facebook.com	495 B
2	google-analytics.com www.google-analytics.com	18 KB
2	bing.com bat.bing.com	7 KB
2	facebook.net connect.facebook.net	143 KB
2	cd-down.com 1 redirects cd-down.com	3 KB
1	blingee.com image.blingee.com	179 KB
1	gstatic.com fonts.gstatic.com	60 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
1	jquery.com code.jquery.com	30 KB
1	24t7.me 1 redirects www.24t7.me	164 B
1	gdmconvtrck.com gdmconvtrck.com	1 KB
1	forwardtoo.website 1 redirects forwardtoo.website	558 B
1	goodchoes.host 1 redirects goodchoes.host	281 B
54	17

	Domain	Requested by
23	www.iqplaywin.com	gdmconvtrck.com www.iqplaywin.com code.jquery.com ajax.googleapis.com
5	ajax.googleapis.com	www.iqplaywin.com
5	fonts.googleapis.com	www.iqplaywin.com code.jquery.com
4	srv.ibraincollege.com	www.iqplaywin.com
3	maxcdn.bootstrapcdn.com	www.iqplaywin.com
2	www.facebook.com	www.iqplaywin.com
2	www.google-analytics.com	www.googletagmanager.com www.iqplaywin.com
2	bat.bing.com	www.iqplaywin.com
2	connect.facebook.net	www.iqplaywin.com connect.facebook.net
2	cd-down.com	1 redirects
1	image.blingee.com
1	fonts.gstatic.com	ajax.googleapis.com
1	www.googletagmanager.com	www.iqplaywin.com
1	code.jquery.com	www.iqplaywin.com
1	www.24t7.me	1 redirects
1	gdmconvtrck.com	cd-down.com
1	forwardtoo.website	1 redirects
1	goodchoes.host	1 redirects
54	18

This site contains no links.

Subject Issuer	Validity	Valid
cd-down.com Amazon	`2019-04-04` - `2020-05-04`	a year	crt.sh
gdmconvtrck.com Amazon	`2019-04-19` - `2020-05-19`	a year	crt.sh
www.iqplaywin.com Let's Encrypt Authority X3	`2019-11-04` - `2020-02-02`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
srv.ibraincollege.com Let's Encrypt Authority X3	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Frame ID: A25F235CCDDD6E09890FED860CC57180
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://goodchoes.host/divo/Warszawa.php?=delfin_exchange%40kruksa.pl HTTP 302
http://forwardtoo.website/track/track/PL/source/campaign-ads HTTP 302
https://cd-down.com/?a=96022&c=212675 Page URL
https://cd-down.com/?a=96022&c=212675&oc=102305&sr=t&so=77538&sc=10684135&rc=24_102298&vt=157622... HTTP 302
https://www.24t7.me/ln/VncXyVC4571?clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_p... HTTP 302
https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812e... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
script /angular.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

98 %
HTTPS

71 %
IPv6

17
Domains

18
Subdomains

15
IPs

4
Countries

1129 kB
Transfer

1993 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goodchoes.host/divo/Warszawa.php?=delfin_exchange%40kruksa.pl HTTP 302
http://forwardtoo.website/track/track/PL/source/campaign-ads HTTP 302
https://cd-down.com/?a=96022&c=212675 Page URL
https://cd-down.com/?a=96022&c=212675&oc=102305&sr=t&so=77538&sc=10684135&rc=24_102298&vt=1576229084870&h=9d7c40d82f7a3afa8236b2e5e1fa29aff78fce6d&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D96022%26c%3D212675&us=aae1f942decd4c64b8c59cf6b5cf2301 HTTP 302
https://www.24t7.me/ln/VncXyVC4571?clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id= HTTP 302
https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://goodchoes.host/divo/Warszawa.php?=delfin_exchange%40kruksa.pl HTTP 302
http://forwardtoo.website/track/track/PL/source/campaign-ads HTTP 302
https://cd-down.com/?a=96022&c=212675

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
cd-down.com/
Redirect Chain

http://goodchoes.host/divo/Warszawa.php?=delfin_exchange%40kruksa.pl
http://forwardtoo.website/track/track/PL/source/campaign-ads
https://cd-down.com/?a=96022&c=212675

2 KB
1 KB

106ms
30ms

Document
text/html

2a05:d018:483:6130:7095:9e50:e827:1089
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cd-down.com/?a=96022&c=212675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:483:6130:7095:9e50:e827:1089 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: dbe81d7e77f87f97a8e03488836b7a84f781f13e08c69840c39eea2de3723aa6

Request headers

:method: GET
:authority: cd-down.com
:scheme: https
:path: /?a=96022&c=212675
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 13 Dec 2019 09:24:44 GMT
content-type: text/html;charset=utf-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 13 Dec 2019 09:24:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.0RC3
Set-Cookie: cpa_was_here_cd-down_com=1; expires=Mon, 13-Jan-2020 09:24:44 GMT; Max-Age=2678400; path=/; domain=forwardtoo.website cpa_parents=%7B%22cd-down.com%22%3A%2220191213092444x17892%22%7D; expires=Mon, 13-Jan-2020 09:24:44 GMT; Max-Age=2678400; path=/; domain=forwardtoo.website
Location: https://cd-down.com/?a=96022&c=212675

GET
H2 200 trck
gdmconvtrck.com/ 1 KB
1 KB 117ms
31ms Script
text/javascript 2a05:d018:483:6130:3c15:3fed:823c:bf5d
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gdmconvtrck.com/trck
Requested by: Host: cd-down.com
URL: https://cd-down.com/?a=96022&c=212675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:483:6130:3c15:3fed:823c:bf5d Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://cd-down.com/?a=96022&c=212675
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 09:24:44 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=utf-8
status: 200
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires: Sat, 1 May 2020 12:00:00 GMT

GET
H2

200

Primary Request welcome.html Show response
www.iqplaywin.com/
Redirect Chain

https://cd-down.com/?a=96022&c=212675&oc=102305&sr=t&so=77538&sc=10684135&rc=24_102298&vt=1576229084870&h=9d7c40d82f7a3afa8236b2e5e1fa29aff78fce6d&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D96022%26c%3...
https://www.24t7.me/ln/VncXyVC4571?clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

5 KB
5 KB

315ms
131ms

Document
text/html

35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Requested by: Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/trck
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 14b84ef926e1e889dbfb3dc950231fc94bc0cddeb242fb09588485a4e867f047

Request headers

:method: GET
:authority: www.iqplaywin.com
:scheme: https
:path: /welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cd-down.com/?a=96022&c=212675
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cd-down.com/?a=96022&c=212675

Response headers

status: 200
x-guploader-uploadid: AEnB2Ur_xsEWToQB69_gowds7Iyz1BglmWW6eyIe-ytZnNOhJLGO2J8Vg-PoIxruCa4MRLGrvXMPLhiH-E78RGOgQEVnexiFOA
expires: Fri, 13 Dec 2019 09:24:46 GMT
date: Fri, 13 Dec 2019 09:24:46 GMT
cache-control: private, max-age=0
last-modified: Mon, 11 Nov 2019 12:43:34 GMT
etag: "db9d2b9083e2df0c8de34a833f7e8622"
x-goog-generation: 1573476214789015
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5042
content-type: text/html
x-goog-hash: crc32c=MwkYTg== md5=250rkIPi3wyN40qDP36GIg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5042
server: UploadServer
alt-svc: clear

Redirect headers

status: 302
date: Fri, 13 Dec 2019 09:24:45 GMT
content-type: text/plain
content-length: 0
location: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
server: Apache-Coyote/1.1

GET
H2 200 consts.js Show response
www.iqplaywin.com/consts/ 69 B
359 B 134ms
131ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/consts/consts.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 97a722cd1196db8eb0af4fe26c46a57f05b096edaa8d13f4dfce0a6e96b6f6df

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
status: 200
x-guploader-uploadid: AEnB2UpbdtUS1BpBuR16n8uthGdUhVermsLkCF1GiWuXvTuNkLGRYc_l6loGElK3hD74M_8kS80ALpfzMltMKkesOTSPuFqdWJDmBI8-zA_ExVOeM6Fpy3M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 69
last-modified: Tue, 10 Sep 2019 14:07:18 GMT
server: UploadServer
etag: "43b3aa52fbaabf46d70b8d1c33c2213f"
x-goog-hash: crc32c=5XHM4Q==, md5=Q7OqUvuqv0bXC40cM8IhPw==
x-goog-generation: 1568124438288909
cache-control: private, max-age=0
x-goog-stored-content-length: 69
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 preAppLoading.js Show response
www.iqplaywin.com/ 4 KB
4 KB 145ms
143ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/preAppLoading.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 474ca8753a7863455b503794fbd42e4dae1b2323eff2a14ef3566ddbf136ce8c

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
status: 200
x-guploader-uploadid: AEnB2Up42rYyxkgSxEOT7bVpArBpp0Ex3Er7sQJ2Qsxj3fjYZh9BMF1Kb0gE8lWqiJWF_bcfWobK7kffsltVqffIV5vlZGj9MIjo2ZhHr-hgwDpY7Sivdoo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3794
last-modified: Sun, 24 Nov 2019 10:37:16 GMT
server: UploadServer
etag: "2bcef4835032d2cf5535496f828f7965"
x-goog-hash: crc32c=HL/OIw==, md5=K870g1Ay0s9VNUlvgo95ZQ==
x-goog-generation: 1574591836139582
cache-control: private, max-age=0
x-goog-stored-content-length: 3794
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
430 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Dec 2019 09:24:46 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 13 Dec 2019 09:24:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
433 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mada:400,700

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

616eac8cc9b52ab1b0a15be3c65efe0f42a573c2fb20613ee822b92a8fe73756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Dec 2019 09:24:46 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 13 Dec 2019 09:24:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 11ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin: *
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 11ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK jquery-3.1.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 22ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.0.min.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 09:24:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2016 21:45:52 GMT
Server: nginx
ETag: W/"577ecd90-1514f"
Vary: Accept-Encoding
X-HW: 1576229086.dop029.fr8.shc,1576229086.dop029.fr8.t,1576229086.cds150.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30019

GET
H2 200 fingerprintjs2.js Show response
www.iqplaywin.com/ 35 KB
36 KB 134ms
132ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/fingerprintjs2.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
status: 200
x-guploader-uploadid: AEnB2UqpCGoAMFGVHeecFtckpf8-6bnaaSWOjv3nfSnDvbkXhZXI_dBpfY5Ru6fep6N3pORWw3yAFg8h9XDVJpo15hWC5Oyo1X7zjv45Zm55S9IPkubP6-c
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 36185
last-modified: Tue, 10 Sep 2019 14:20:58 GMT
server: UploadServer
etag: "68ab45bd98459cb766f3ab26d086e5f5"
x-goog-hash: crc32c=OuDATw==, md5=aKtFvZhFnLdm86sm0Ibl9Q==
x-goog-generation: 1568125258312231
cache-control: private, max-age=0
x-goog-stored-content-length: 36185
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 156 KB
55 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 15:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1965894
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56572
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 15:19:52 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 25 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 15:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1879767
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9274
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 15:15:19 GMT

GET
H2 200 angular-sanitize.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 26 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-sanitize.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 19:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1951487
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8207
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 19:19:59 GMT

GET
H2 200 angular-resource.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 4 KB
2 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-resource.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1952649
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 19:00:37 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 11ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 angular-cookies.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 1 KB
905 B 11ms
10ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-cookies.min.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 19:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1951826
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 811
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 19:14:20 GMT

GET
H2 200 css-all-min.css
www.iqplaywin.com/minified/css/ 87 KB
87 KB 139ms
138ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/minified/css/css-all-min.css
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fb5da3336782ad73a925f053f4a2c70915fa18c2aa82d7ebfecd7e50c55fc18a

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
status: 200
x-guploader-uploadid: AEnB2Uq0TICO0OjyKkX3RfEZlINiiLQr3p335VfIIe4pUa1rPr4WYB_Jy7h7RJDRoEh14B3AA8-9KKG2qbXNCT0kgFjry3OSEw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 89188
last-modified: Thu, 12 Dec 2019 13:42:46 GMT
server: UploadServer
etag: "d4553eb873955493adc9a19dbd767b03"
x-goog-hash: crc32c=YdLxBw==, md5=1FU+uHOVVJOtyaGdvXZ7Aw==
x-goog-generation: 1576158166419433
cache-control: private, max-age=0
x-goog-stored-content-length: 89188
accept-ranges: bytes
content-type: text/css
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 js-all-min.js Show response
www.iqplaywin.com/minified/js/ 12 KB
12 KB 134ms
133ms Script
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/minified/js/js-all-min.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ad2c7496f320e7d0d1255c6083619a1e46e0803855f27c2d1751fc47d69a05aa

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
status: 200
x-guploader-uploadid: AEnB2UrUDxR_xkAWl4Sz-J66WDyxsRhxviQOikcyxUqKzSreXBrnEI7oGHweN3JuziuCSfefCV2LdFO8VNw5w4HyOa6muwizeg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 11911
last-modified: Thu, 12 Dec 2019 08:34:55 GMT
server: UploadServer
etag: "895bde182bccdfce437540697caa15a8"
x-goog-hash: crc32c=TdBgBQ==, md5=iVveGCvM385DdUBpfKoVqA==
x-goog-generation: 1576139695212104
cache-control: private, max-age=0
x-goog-stored-content-length: 11911
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 57 KB
21 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5CPMVX

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c790b5b3250bc10c75f2adcaa442ca1bf4a6d77843577b06116c5078fce571f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
content-encoding: br
last-modified: Fri, 13 Dec 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21599
x-xss-protection: 0
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: private
x-fb-debug: BeZs1n0m1S9Z0UMEpHyPDPj/63dvGWvPB7ouerinrBXaP2eo/56vM6bwSvcscfLM+lNYhBJv5BiFy49x6pQibw==
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 09:24:46 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 47ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:45 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: E47AAF59D7934D1FBA464D3F3962B8F7 Ref B: VIEEDGE1213 Ref C: 2019-12-13T09:24:46Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 596950890744347 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 413ms
413ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/596950890744347?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0fbbdd2d6f32d7e703aeae642fe19bac16f1b65d21dec4ba6d9e8fc966949636

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0KcVFX2iG6IYtjjLwp9FrPmzceGjSIZmuYA07EJiSv4RvX4YJ5Y0xcbgVxDY49p0AUL7rgOT9Zd31kiH5Rhn7A==
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 09:24:46 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5CPMVX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3069
date: Fri, 13 Dec 2019 08:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 13 Dec 2019 10:33:37 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
199 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=164978381&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4571%26theme%3D1143%26clickid%3D6737eec25b3f4de6803a82ec4fc48df812ee2%26pub%3D96022%26sub_pub_id%3D&dr=https%3A%2F%2Fcd-down.com%2F%3Fa%3D96022%26c%3D212675&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=616007397&gjid=1274795981&cid=952927069.1576229086&tid=UA-112527136-1&_gid=1466529718.1576229086&_r=1&gtm=2wgc61W5CPMVX&z=1098176197

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Dec 2019 09:24:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 userTracking Show response
srv.ibraincollege.com/rest/activity/ 0
50 B 363ms
149ms XHR
text/plain 35.244.175.13
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.ibraincollege.com/rest/activity/userTracking
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/preAppLoading.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 13.175.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.iqplaywin.com
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
via: 1.1 google
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: clear
server: Apache-Coyote/1.1
access-control-allow-origin: https://www.iqplaywin.com
vary: Origin
access-control-allow-methods: GET,HEAD,POST
content-type: text/plain
status: 200
access-control-max-age: 1800
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 0

OPTIONS
H2 200 checkByIp Show response
srv.ibraincollege.com/rest/user/ 0
279 B 361ms
148ms XHR
text/plain 35.244.175.13
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.ibraincollege.com/rest/user/checkByIp
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/preAppLoading.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 13.175.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.iqplaywin.com
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
via: 1.1 google
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: clear
server: Apache-Coyote/1.1
access-control-allow-origin: https://www.iqplaywin.com
vary: Origin
access-control-allow-methods: GET,HEAD,POST
content-type: text/plain
status: 200
access-control-max-age: 1800
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 0

POST
H2 200 checkByIp Show response
srv.ibraincollege.com/rest/user/ 109 B
234 B 161ms
160ms XHR
application/json 35.244.175.13
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.ibraincollege.com/rest/user/checkByIp
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/preAppLoading.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 13.175.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0e5f899215a5cfa75ae13c632036a4e79ecf11c5e07a99dd01d6d63b39dcada5

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Origin: https://www.iqplaywin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.iqplaywin.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 userTracking Show response
srv.ibraincollege.com/rest/activity/ 0
111 B 158ms
158ms XHR
text/plain 35.244.175.13
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.ibraincollege.com/rest/activity/userTracking
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.175.13 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 13.175.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Origin: https://www.iqplaywin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 200
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.iqplaywin.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 404 _variables
www.iqplaywin.com/Design/GitProjectsRepositories/IQTestLandingPages/WebContent/css/_libraries/ 0
0 294ms
293ms Stylesheet
application/xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/Design/GitProjectsRepositories/IQTestLandingPages/WebContent/css/_libraries/_variables
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
server: UploadServer
x-guploader-uploadid: AEnB2UoKDm-6k_x9kexHuJZxwmVehG3O1OeMKOSWSHnEprYc6I5fxjmY8rjv0MlNPZuu43SRnzCQeNMLVBMGSvvG_L5HU8fTTA
content-type: application/xml; charset=UTF-8
status: 404
cache-control: private, max-age=0
alt-svc: clear
content-length: 127
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 404 _mixins_placeholders
www.iqplaywin.com/Design/GitProjectsRepositories/IQTestLandingPages/WebContent/css/_libraries/ 0
0 287ms
287ms Stylesheet
application/xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/Design/GitProjectsRepositories/IQTestLandingPages/WebContent/css/_libraries/_mixins_placeholders
Requested by: Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
server: UploadServer
x-guploader-uploadid: AEnB2UoaY3hn19Sh4PDgLjSTIQGGz77Kj3vJ3FPhXdfYbTBg97eBonGaIvROx0ybI6al8abKJCIOgtD03N7n4IuqPRhIZ-Qxfw
content-type: application/xml; charset=UTF-8
status: 404
cache-control: private, max-age=0
alt-svc: clear
content-length: 127
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
593 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700&display=swap

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

5e135cad6faaa9541987deb968e4c27cd9f8da5632d1861367417f78b2245ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Dec 2019 09:24:46 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 13 Dec 2019 09:24:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=596950890744347&ev=PageView&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4571%26theme%3D1143%26clickid%3D6737eec25b3f4de6803a82ec4fc48df812ee2%26pub%3D96022%26sub_pub_id%3D&rl=https%3A%2F%2Fcd-down.com%2F%3Fa%3D96022%26c%3D212675&if=false&ts=1576229086836&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576229086835.754063558&it=1576229086120&coo=false&rqm=GET

Requested by

Host: www.iqplaywin.com
URL: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 13 Dec 2019 09:24:46 GMT

GET
H2 404 script.js Show response
www.iqplaywin.com/LP/1143/ 127 B
287 B 292ms
292ms XHR
application/xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1143/script.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
server: UploadServer
x-guploader-uploadid: AEnB2UqTWBuM8VGp6e2dcTz7LsyMuTB6k97Ym3uV7OxfdPjGhi4HzRhkizpxZB_qYEKkSa44EW7J5GKcEUi6-G1SI8ByY2lfeAiTahB9XHIk8mQgVXgt-Qg
content-type: application/xml; charset=UTF-8
status: 404
cache-control: private, max-age=0
alt-svc: clear
content-length: 127
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 204 0
bat.bing.com/action/ 0
117 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26024093&Ver=2&mid=3594de73-eaa3-f30a-6725-0599559de7bd&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4571%26theme%3D1143%26clickid%3D6737eec25b3f4de6803a82ec4fc48df812ee2%26pub%3D96022%26sub_pub_id%3D&r=https%3A%2F%2Fcd-down.com%2F%3Fa%3D96022%26c%3D212675&lt=2399&evt=pageLoad&msclkid=N&rn=652158
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 13 Dec 2019 09:24:46 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F8DD489140D048EB9B4E389DBF54BE86 Ref B: VIEEDGE1213 Ref C: 2019-12-13T09:24:47Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_DE.js Show response
www.iqplaywin.com/LP/1143/translate/ 2 KB
3 KB 142ms
142ms XHR
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1143/translate/translate_DE.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f6ea0c74c0cc63409015438a76f0f95d39a22bce1790b31f94a483aa4fdc52f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
x-guploader-uploadid: AEnB2UrapotviTNMAaYk5ruaRAiuiD9J6JckZYDxzk_5gIJpkHTdEplFw4bzyPyCof1LW37Uf0NesFE20C0BBdIbCCH0YOwblyQIqa_YV-dn_1m1x-TyuDo
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2417
last-modified: Thu, 12 Dec 2019 13:42:21 GMT
server: UploadServer
etag: "469fd951841c4675e4c5a26c274e52ff"
x-goog-hash: crc32c=8XuNsg==, md5=Rp/ZUYQcRnXkxaJsJ05S/w==
x-goog-generation: 1576158141374245
cache-control: private, max-age=0
x-goog-stored-content-length: 2417
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 translate_EN.js Show response
www.iqplaywin.com/LP/1143/translate/ 2 KB
2 KB 132ms
132ms XHR
text/javascript 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1143/translate/translate_EN.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9648a7244b5434a11ed84fd8013ae9efcc26e3cd6f8197bffd8db878558bb001

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
x-guploader-uploadid: AEnB2Urv5fodBfPZ_QY800a9PelMBeSfj0Bj9CJ3ExKprjpjc0xKhMy_A2ztQw-TT0YMcUkIrdD69ds1yiaseHeWQRMmR2VQkxxY5FwbL5EiJttV50QI7a0
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2101
last-modified: Thu, 12 Dec 2019 13:42:22 GMT
server: UploadServer
etag: "cb4214d456bf7e97b66570bd1ebcacf7"
x-goog-hash: crc32c=88Xk3Q==, md5=y0IU1Fa/fpe2ZXC9Hrys9w==
x-goog-generation: 1576158142438265
cache-control: private, max-age=0
x-goog-stored-content-length: 2101
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 style.css
www.iqplaywin.com/LP/1143/ 44 B
313 B 131ms
131ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1143/style.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a9ed04c2220024ee97b61bce440d886b4e63c6ee13a793ca651d9800c88acff5

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2UqQxKmIsJZpt8tTh1VXnny7TyprZOIFeDQwepCXJPrWRGf5_U1P0BG1xlZLUCV5KLGgwkhDS_Fs89JJ6SeOI1lRbpgs6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 44
last-modified: Thu, 12 Dec 2019 13:42:20 GMT
server: UploadServer
etag: "bb20627b39fadf9b90ad7022e58444d5"
x-goog-hash: crc32c=6j6vjA==, md5=uyBiezn635uQrXAi5YRE1Q==
x-goog-generation: 1576158140167136
cache-control: private, max-age=0
x-goog-stored-content-length: 44
accept-ranges: bytes
content-type: text/css
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 content.html Show response
www.iqplaywin.com/LP/1143/ 11 KB
11 KB 143ms
143ms XHR
text/html 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1143/content.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 180dba5b458fbebf2978e38a425ce2fb9021191ccd76422c32a56f281ab40047

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
x-guploader-uploadid: AEnB2UqO3aIIO0JX1XAnK18hsITDL9p4rud1Vt5x0Jx-mmojt2KRrAbMm3KEhgUn4g5Z-1HG-qxqV5SVsNrZkPNLjAsLE4qkrw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 11396
last-modified: Thu, 12 Dec 2019 13:42:17 GMT
server: UploadServer
etag: "680d2cc94625e987ea09cfdd5f191a0a"
x-goog-hash: crc32c=FS/VDg==, md5=aA0syUYl6YfqCc/dXxkaCg==
x-goog-generation: 1576158137770790
cache-control: private, max-age=0
x-goog-stored-content-length: 11396
accept-ranges: bytes
content-type: text/html
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 404 createAccountDialog.html Show response
www.iqplaywin.com/LP/1143/ 127 B
278 B 302ms
301ms XHR
application/xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/1143/createAccountDialog.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
server: UploadServer
x-guploader-uploadid: AEnB2UqZzmpFugAf01DiyhFVKxkV_XRuFx4Tq3hIw41bdNDzxC9FttQZkJSXQw7m-E9vJKHvdS38S0AAZo3UEOphi0zNmvqd_g
content-type: application/xml; charset=UTF-8
status: 404
cache-control: private, max-age=0
alt-svc: clear
content-length: 127
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 spin.svg
www.iqplaywin.com/images/LandingPage/ 3 KB
3 KB 146ms
146ms Image
image/svg+xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/images/LandingPage/spin.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f11bace1badb78fbeebd39009b6d77dbcc1e99df014e6f0a91d0407b10cd7a1f

Request headers

Referer: https://www.iqplaywin.com/minified/css/css-all-min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2UqGangcQWjoesxvTtXYFjOB_kt3Sv0SAnayQm3Jzvvw5V1RGrilQz_lqmUMwwQYdl9MsbqC4oYAbNcXL0mUWVQLN4GdNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3078
last-modified: Tue, 10 Sep 2019 14:07:28 GMT
server: UploadServer
etag: "660af47f3c331aca339f6ff4cfaf5289"
x-goog-hash: crc32c=7qiuFw==, md5=Zgr0fzwzGsozn2/0z69SiQ==
x-goog-generation: 1568124448027465
cache-control: private, max-age=0
x-goog-stored-content-length: 3078
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 general.css
www.iqplaywin.com/ 5 KB
5 KB 139ms
139ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/general.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5966c18f7e39498820e9a0cd9bd9fe389a5cd03156dbd2e5da64f9d05299f856

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2UoJSdJFFxiCpJcKoLnBSVodQ_ZcrzNbPM4t25QK8euoHFvtDwxhVT-pHcMUZTK_LIgq2ocwgeUrMQKwTVDt_jnhUxWKJw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 4976
last-modified: Tue, 10 Sep 2019 14:20:59 GMT
server: UploadServer
etag: "d562d198e5a760eebf6c183cd4e5c24a"
x-goog-hash: crc32c=YlxKTg==, md5=1WLRmOWnYO6/bBg81OXCSg==
x-goog-generation: 1568125259280114
cache-control: private, max-age=0
x-goog-stored-content-length: 4976
accept-ranges: bytes
content-type: text/css
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 themes.css
www.iqplaywin.com/css/ 12 KB
12 KB 130ms
130ms Stylesheet
text/css 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/css/themes.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8f36f1d1fb37c710f51e691c5b235cf7e96abc3aec2901570f4b6c529cf057dd

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2UqGOd8w4-qbT0fUEBbgclu1dA6E1wgCTvdvf0jM8rdJ7hitGJd2WchzD9UNZ4QeJcvWn2ufRTZhVsn-YbTyfuntgFSS4gq4VteC3DICTAi2T-0_8yg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 12279
last-modified: Thu, 12 Dec 2019 13:05:06 GMT
server: UploadServer
etag: "a1d71cbf0643b2d9789b00ceb64a63a6"
x-goog-hash: crc32c=9qlFsw==, md5=odccvwZDstl4mwDOtkpjpg==
x-goog-generation: 1576155906124693
cache-control: private, max-age=0
x-goog-stored-content-length: 12279
accept-ranges: bytes
content-type: text/css
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 newYear.html Show response
www.iqplaywin.com/LP/partials/ 3 KB
4 KB 133ms
132ms XHR
text/html 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iqplaywin.com/LP/partials/newYear.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4c063baccd67ad493ab89445043b693d1c17af019705705b9c07d48410c5438

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
x-guploader-uploadid: AEnB2UqeZ1rAtCRaj7fyHJ-hzaK4815CVtkmUUq--0tXdKOi2F2Ee-8oz-sr__9MZlfKe_ddqKWmJSQCK3BieMFLefXHXBYijw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3398
last-modified: Wed, 11 Dec 2019 12:44:45 GMT
server: UploadServer
etag: "a3e08242588349149cd0763e82539869"
x-goog-hash: crc32c=+LsoXg==, md5=o+CCQliDSRSc0HY+glOYaQ==
x-goog-generation: 1576068285165393
cache-control: private, max-age=0
x-goog-stored-content-length: 3398
accept-ranges: bytes
content-type: text/html
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/ 59 KB
60 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v48/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: https://www.iqplaywin.com

Response headers

date: Thu, 21 Nov 2019 04:28:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:50:48 GMT
server: sffe
age: 1918564
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Fri, 20 Nov 2020 04:28:43 GMT

GET
H2 200 amazing-logo.svg
www.iqplaywin.com/images/ 5 KB
5 KB 168ms
167ms Image
image/svg+xml 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/images/amazing-logo.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9b76d15a39f5dc658e1988ad1416b2b443be66d1c0f33f9eeedc1d2662a56b7f

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2Upcg0hKN1fUGg5dt4Ug-pb3EA2Nhs2TUjLMO2gLO-yfNuVoFExV8E0PJIukqfLEpgyyMTZUgchSwA55MiaHhZCnAXSu8f7mMvBqSN2JoXBVFFlR81Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 5054
last-modified: Tue, 10 Sep 2019 14:07:25 GMT
server: UploadServer
etag: "f8de608b6c80f2667b0b2eb1a9790dfd"
x-goog-hash: crc32c=y2zgrA==, md5=+N5gi2yA8mZ7Cy6xqXkN/Q==
x-goog-generation: 1568124445310026
cache-control: private, max-age=0
x-goog-stored-content-length: 5054
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 iphone-white.png
www.iqplaywin.com/LP/1143/images/ 116 KB
116 KB 130ms
129ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1143/images/iphone-white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e78e6ba1b902515c0ee865bba56c015ed1eb39665a47e6c045573a978a6e585

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2UqCqHB1uLhelzj8nlJqq5l3qMXM0LBMc-Qr5PosXaZw12MvpMJuytURE6j6oom6GuNTu-o6-zpygq7jna5s0T1FY63fayFjJCSEPzxIhhDg12L_1f8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 118367
last-modified: Thu, 12 Dec 2019 13:42:19 GMT
server: UploadServer
etag: "dae012bc18bb8812bde495ce5099de92"
x-goog-hash: crc32c=B6IvcQ==, md5=2uASvBi7iBK95JXOUJnekg==
x-goog-generation: 1576158139330969
cache-control: private, max-age=0
x-goog-stored-content-length: 118367
accept-ranges: bytes
content-type: image/png
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 iphone-black.png
www.iqplaywin.com/LP/1143/images/ 127 KB
128 KB 132ms
131ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1143/images/iphone-black.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5efa0c500cfb80d51fe923cb7844f569376b7c4e75d910f3c967212275679189

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2Uor3qSQtuPGLFBrSXbQF2wHGcBiRr-WqaLC9s-W-pFa66kquaUfmhRn0eQ5r0AyQDHcJVk_fldefhEKK3y8MoI_75UAFt0bIiR22gvDbWTMjUO3Snw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 130523
last-modified: Thu, 12 Dec 2019 13:42:18 GMT
server: UploadServer
etag: "5886e6f97b6f45ad4f202f85b3c5b62a"
x-goog-hash: crc32c=a5OaQQ==, md5=WIbm+XtvRa1PIC+Fs8W2Kg==
x-goog-generation: 1576158138956629
cache-control: private, max-age=0
x-goog-stored-content-length: 130523
accept-ranges: bytes
content-type: image/png
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 iphone-gold.png
www.iqplaywin.com/LP/1143/images/ 104 KB
105 KB 137ms
136ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/LP/1143/images/iphone-gold.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2f640f5ba5904da1473d871377b12b87bf0a17974873a1e7452b9868391f7126

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2Uq2Aw1m5vUcI62ZdAktvkUK2fye56tlxqYY7W50MFw96t6l0VqbEoP3BPW0YLw0ZQbAhsO8spgRXTUVtGE8gfBj2NrdoGiKOj9ctPut6NXbZa-liKk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 106968
last-modified: Thu, 12 Dec 2019 13:42:19 GMT
server: UploadServer
etag: "6f0f814299a22be82b302b11009283ce"
x-goog-hash: crc32c=jo+ujg==, md5=bw+BQpmiK+grMCsRAJKDzg==
x-goog-generation: 1576158139144942
cache-control: private, max-age=0
x-goog-stored-content-length: 106968
accept-ranges: bytes
content-type: image/png
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 ssl.png
www.iqplaywin.com/images/ 13 KB
13 KB 139ms
139ms Image
image/png 35.244.205.206
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iqplaywin.com/images/ssl.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.244.205.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 206.205.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 907d1e73a8abda6fdcd260c063e4214baa7680c51a6e66c0d6ce6863729e997b

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:47 GMT
status: 200
x-guploader-uploadid: AEnB2Uo0VN0dl2HvZyabwL0JXyYRpCeqdlygCyYr7TOkcQ4nnJiRrCMRjgo_rGm6_vWi_hlGACMotbXuyEDkpVdJNynjWv3rkCfJt9AhkmIurDARNBo14TI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 13284
last-modified: Tue, 10 Sep 2019 14:07:29 GMT
server: UploadServer
etag: "5dbad574b841d7a0d9b6677440163c68"
x-goog-hash: crc32c=FAQz+g==, md5=XbrVdLhB16DZtmd0QBY8aA==
x-goog-generation: 1568124449391829
cache-control: private, max-age=0
x-goog-stored-content-length: 13284
accept-ranges: bytes
content-type: image/png
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
789 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

81f7f7891471a8fefa2e5b6ee38b8edf9d547aebc25c8012a948e90e7c97fc6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Dec 2019 09:24:47 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 13 Dec 2019 09:24:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
774 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700,800&display=swap

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

75c57d0d0541d3598425266a6fa1ec8c340c5b45d700cc29d1e56757623524df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Dec 2019 09:24:47 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 13 Dec 2019 09:24:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 13 Dec 2019 09:24:47 GMT

GET
H/1.1 200
OK 725561736_2089677.gif
image.blingee.com/images18/content/output/000/000/000/749/ 179 KB
179 KB 188ms
97ms Image
image/gif 52.217.10.198
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.blingee.com/images18/content/output/000/000/000/749/725561736_2089677.gif?4
Protocol: HTTP/1.1
Server: 52.217.10.198 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 01aae8b606bbd882454b19bb589a1772d0e3e15cac08ea284b70eed4fa23a1a5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 09:24:48 GMT
Last-Modified: Tue, 22 Mar 2011 23:29:07 GMT
Server: AmazonS3
x-amz-request-id: FDBC77887A9BB82D
ETag: "e7664dcd75b8c0321a3e69ea978d02a2"
Content-Type: image/gif
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 183070
x-amz-id-2: +SyjWo8TjrWe7q7szt8U10jJTXsp1p/nSJ1ypvaityKFuXyaTn+C1SDFQmjwieiOLTPWQEPxs3E=

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=596950890744347&ev=Microdata&dl=https%3A%2F%2Fwww.iqplaywin.com%2Fwelcome.html%3Faff%3D4571%26theme%3D1143%26clickid%3D6737eec25b3f4de6803a82ec4fc48df812ee2%26pub%3D96022%26sub_pub_id%3D&rl=https%3A%2F%2Fcd-down.com%2F%3Fa%3D96022%26c%3D212675&if=false&ts=1576229088425&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iqplaywin.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1576229088425.18753613&it=1576229086120&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.iqplaywin.com/welcome.html?aff=4571&theme=1143&clickid=6737eec25b3f4de6803a82ec4fc48df812ee2&pub=96022&sub_pub_id=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 09:24:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 13 Dec 2019 09:24:48 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iqplaywin.com/	1970-01-19 08:00:05	Name: _fbp Value: fb.1.1576229086835.754063558
www.iqplaywin.com/	1969-12-31 23:59:59	Name: checkByIp Value: {"countryId":82,"countryName":"Germany","languageId":5,"languageDsc":"DE","status":200,"redirectingURL":null}
.iqplaywin.com/	1970-01-19 05:50:29	Name: _gat_UA-112527136-1 Value: 1
.iqplaywin.com/	1970-01-19 05:51:55	Name: _gid Value: GA1.2.1466529718.1576229086
.iqplaywin.com/	1970-01-19 23:21:41	Name: _ga Value: GA1.2.952927069.1576229086

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
cd-down.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forwardtoo.website
gdmconvtrck.com
goodchoes.host
image.blingee.com
maxcdn.bootstrapcdn.com
srv.ibraincollege.com
www.24t7.me
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.iqplaywin.com
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3b
23.95.97.53
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:818::2003
2a00:1450:4001:824::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:483:6130:3c15:3fed:823c:bf5d
2a05:d018:483:6130:7095:9e50:e827:1089
35.244.175.13
35.244.205.206
52.217.10.198
54.200.87.201
01aae8b606bbd882454b19bb589a1772d0e3e15cac08ea284b70eed4fa23a1a5
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0e5f899215a5cfa75ae13c632036a4e79ecf11c5e07a99dd01d6d63b39dcada5
0fbbdd2d6f32d7e703aeae642fe19bac16f1b65d21dec4ba6d9e8fc966949636
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14b84ef926e1e889dbfb3dc950231fc94bc0cddeb242fb09588485a4e867f047
180dba5b458fbebf2978e38a425ce2fb9021191ccd76422c32a56f281ab40047
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
2f640f5ba5904da1473d871377b12b87bf0a17974873a1e7452b9868391f7126
3c790b5b3250bc10c75f2adcaa442ca1bf4a6d77843577b06116c5078fce571f
41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10
47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e
474ca8753a7863455b503794fbd42e4dae1b2323eff2a14ef3566ddbf136ce8c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5966c18f7e39498820e9a0cd9bd9fe389a5cd03156dbd2e5da64f9d05299f856
5e135cad6faaa9541987deb968e4c27cd9f8da5632d1861367417f78b2245ebd
5efa0c500cfb80d51fe923cb7844f569376b7c4e75d910f3c967212275679189
616eac8cc9b52ab1b0a15be3c65efe0f42a573c2fb20613ee822b92a8fe73756
6e78e6ba1b902515c0ee865bba56c015ed1eb39665a47e6c045573a978a6e585
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
75c57d0d0541d3598425266a6fa1ec8c340c5b45d700cc29d1e56757623524df
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81f7f7891471a8fefa2e5b6ee38b8edf9d547aebc25c8012a948e90e7c97fc6d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f36f1d1fb37c710f51e691c5b235cf7e96abc3aec2901570f4b6c529cf057dd
907d1e73a8abda6fdcd260c063e4214baa7680c51a6e66c0d6ce6863729e997b
93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62
9648a7244b5434a11ed84fd8013ae9efcc26e3cd6f8197bffd8db878558bb001
97a722cd1196db8eb0af4fe26c46a57f05b096edaa8d13f4dfce0a6e96b6f6df
9b76d15a39f5dc658e1988ad1416b2b443be66d1c0f33f9eeedc1d2662a56b7f
a9ed04c2220024ee97b61bce440d886b4e63c6ee13a793ca651d9800c88acff5
ad2c7496f320e7d0d1255c6083619a1e46e0803855f27c2d1751fc47d69a05aa
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbe81d7e77f87f97a8e03488836b7a84f781f13e08c69840c39eea2de3723aa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
f11bace1badb78fbeebd39009b6d77dbcc1e99df014e6f0a91d0407b10cd7a1f
f4c063baccd67ad493ab89445043b693d1c17af019705705b9c07d48410c5438
f6ea0c74c0cc63409015438a76f0f95d39a22bce1790b31f94a483aa4fdc52f1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
fb5da3336782ad73a925f053f4a2c70915fa18c2aa82d7ebfecd7e50c55fc18a

www.iqplaywin.com Open in urlscan Pro 35.244.205.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

71 %IPv6

17 Domains

18 Subdomains

15 IPs

4 Countries

1129 kBTransfer

1993 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.iqplaywin.com Open in urlscan Pro
35.244.205.206 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

71 %
IPv6

17
Domains

18
Subdomains

15
IPs

4
Countries

1129 kB
Transfer

1993 kB
Size

5
Cookies

54 HTTP transactions
0 data transactions