Submitted URL: http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-at...
Effective URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB...
Submission: On February 24 via api from BE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::ac43:ba67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.winnerpillow.cyou.
This is the only time www.winnerpillow.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
16        2606:4700:303...  13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
17        2                 (totals)

Requests  Apex Domain           Subdomains                Transfer
16        winnerpillow.cyou     www.winnerpillow.cyou     322 KB
1         googletagmanager.com  www.googletagmanager.com  39 KB
17        2                     (totals)

Requests  Domain                    Requested by
16        www.winnerpillow.cyou     www.winnerpillow.cyou
1         www.googletagmanager.com  www.winnerpillow.cyou
17        2                         (totals)

This site contains no links.

Subject                 Issuer      Validity                 Valid
*.google-analytics.com  GTS CA 1O1  2021-01-26 - 2021-04-20  3 months

This page contains 5 frames:

Primary Page: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Frame ID: 0CA6C366DF6436FE70AF83EC9DA6CAE8
Requests: 9 HTTP requests in this frame

Frame: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank.htm
Frame ID: 1709E3474CFCFD2F6150F8FD394D8997
Requests: 2 HTTP requests in this frame

Frame: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_002.htm
Frame ID: 750184350C1D84D98400E32110BC1618
Requests: 2 HTTP requests in this frame

Frame: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_003.htm
Frame ID: 51984E75489A40B9B1FDF4EB3D33A206
Requests: 2 HTTP requests in this frame

Frame: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_004.htm
Frame ID: C1E94418B07642A71C96EBDA32CAEDBB
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 17
HTTPS: 6 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 360 kB
Size: 669 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g Page URL
  2. http://www.winnerpillow.cyou/offer.php?id=286&sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g Page URL
  3. http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/
1 KB
1 KB
Document
General
Full URL
http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
33e5721fbe2288a669cf3ed2b7dd0d2b209ebdcf59e5d276ee411e526dd3ce73

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666; expires=Fri, 26-Mar-21 10:14:26 GMT; path=/; domain=.winnerpillow.cyou; HttpOnly; SameSite=Lax
X-Powered-By
PHP/7.3.25
CF-Cache-Status
DYNAMIC
cf-request-id
08752179180000c2a93a9d0000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=krTkYTxyY8D3Ch%2BBaJaFA9zed6G%2FWPbHUH1IM4i5LWiAt434SaoQZQfo2DVV84pfQMMqfI0Z2%2BLbruUylgHUDD1OzmGIv9hxnDbO3O3e8RuSRfr3G5UjvrCbsTVSymS8TeA%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
62686b6e8d89c2a9-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
www.winnerpillow.cyou/
94 KB
33 KB
Script
General
Full URL
http://www.winnerpillow.cyou/jquery-1.11.0.min.js
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer
http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
5146
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
087521796d0000c2a936a78000000001
Last-Modified
Wed, 15 Jun 2016 01:14:34 GMT
Server
cloudflare
ETag
W/"5760abfa-1787d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r25AxANPcmUfxWfT2y5CPokKalG68ERxy2VAWY9saPYQX5yaFJKD%2B7MlUDtDEZMEQ2Q%2F%2BmxkVjy206mRvyQfrxlh%2BViq%2Fu4NtbdeYr%2BB6hmd%2BtK4gvm6ktYUfkucwDfgXYE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
62686b6f1e2dc2a9-FRA
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 10:14:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39388
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Feb 2021 10:14:26 GMT
offer.php
www.winnerpillow.cyou/
448 B
1 KB
Document
General
Full URL
http://www.winnerpillow.cyou/offer.php?id=286&sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.winnerpillow.cyou/ueceml/sdsepijvd789683vbceifwb/1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.25
CF-Cache-Status
DYNAMIC
cf-request-id
08752179930000c2a907831000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8NbkjJLiqN%2FiK%2F%2FtSVt%2BRPpyLolNap882vgrQw357hB8dlhoKLXFhSbaAtiIyp%2BH9uP22U78Q2xcQJ1ceLYFUu4EItLOwFqacfa4GtK1QGx2rAYZtqJVtu7n4zD6MJbwpqs%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
62686b6f5e72c2a9-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request bitcoingr.php
www.winnerpillow.cyou/clicks/chapter2/
4 KB
2 KB
Document
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
7097cfd3637888b84d04d26a0e9ab30195ae343a137de5c28a3e95e29ab90fe0

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.winnerpillow.cyou/offer.php?id=286&sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.25
CF-Cache-Status
DYNAMIC
cf-request-id
0875217a190000c2a952216000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r708OocbBRLFBRyIGTX6%2BxTXaaapApP1BEX1tMJMz818c%2BwkHxGajE3aaNPLSHiWxWgmKPhnT7Vq1NyimLVm2Kr%2Bjr2Ymnst5ybzK8h8Mck%2FubKz6WFy9tUFQnw60ASvp9Y%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
62686b702f52c2a9-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.css
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/
118 KB
20 KB
Stylesheet
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/bootstrap.css
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e8d733d0be3d1c499c02d5494b2cc2badb0b26fedab3e31906f0c2e981e3d6

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
4019
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217a9f0000c2a9690cf000000001
Last-Modified
Fri, 08 Mar 2019 16:49:39 GMT
Server
cloudflare
ETag
W/"5c829d23-1d97f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IyRuR%2BwdAqxl8LcTfSNLIr8xwDxsiLiAN8UYTRjdDiDT%2BtlVHETueji4%2Fx3bnbY00LUYvvSmUrYIhsq7RuHoKkXsPDJvJZEJXFMjP5886P4mr5%2B8yTbdwpO1HnJ6l8iDrrw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
62686b70f846c2a9-FRA
jquery.js
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/
85 KB
30 KB
Script
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/jquery.js
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1615
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217aa3000097d2dbacd000000001
Last-Modified
Fri, 08 Mar 2019 16:49:42 GMT
Server
cloudflare
ETag
W/"5c829d26-1538f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8mkbsCMzsDSfB%2FKXcabedCrGmo9Z0Kk0%2Bhaczr8Qju7Z%2BiUlYQbkXPHhX5seIpOaOJbDVPAFDmkLWuTDSW0HxBsY6kEtpwMeMYd6jef1H01Uc4Q75fNozdK%2BbMM1pbMfgSo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
62686b710ce897d2-FRA
bootstrap.js
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/
36 KB
10 KB
Script
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/bootstrap.js
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
4019
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217aa30000074270a39000000001
Last-Modified
Fri, 08 Mar 2019 16:49:40 GMT
Server
cloudflare
ETag
W/"5c829d24-90b5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZlK6kSVPY3sc2zlH8tNjXNZqpOluw8CBs7sTpT%2BdGxwOdXHDGNv11r2wMBdhJ2hqijuD29vIGr%2Fy7%2F3vMxMlflUv9Cd6xKElFSuQk12e39hc%2FySTXpCTNAyI2VgW7lNNef0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
62686b710d710742-FRA
blank.htm
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/ Frame 1709
1 KB
1 KB
Document
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank.htm
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e275aaeeefc32c9aebbebc0a382c5b337fcd824c342c69e74a27ad08f7a98bc0

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 08 Mar 2019 16:49:37 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
0875217acc000097d2ca989000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bjh59OWtIPonWmEIRqZOI8dxCPeQcID3lnLBBnQt3F943SEh8cAe2KuEMcHlkZP0m9%2BLkTm0R114lQ93p%2F8h%2BSL%2BbPYUW68j1AXW0PgDJL43YCAEW9fH%2FyhgONyfNQg7Z6w%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
62686b714cf797d2-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
blank_002.htm
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/ Frame 7501
1 KB
1 KB
Document
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_002.htm
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46f9d349d0ff48f0ccedad5ad17a90a16f37c5d598a860093c013605248f4dd

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 08 Mar 2019 16:49:36 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
0875217acc000007420daa6000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OuH6j6GmvKsZOOpYUDjBdFXZYnIcyK2GTWa8Y07n1j5qdZuDYCxPWZpTIjE%2B3slNumS%2BybkmWAXKr5F%2B1V2rgClfjAYlVPNVRtjkkh7UOVNOxgmXtzhtQdcaD%2BnW2rZFmpw%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
62686b714de40742-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
blank_003.htm
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/ Frame 5198
1 KB
1 KB
Document
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_003.htm
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac2aee2d8bb558d7b534a2627dead6e4c158cc93e06660d82a39b56f7b07840

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 08 Mar 2019 16:49:38 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
0875217acd0000c2a91712b000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qzfTT%2BzG8F4zIJNJsCK1g72gvTGp1%2Bg2Jn8XbgI5kI7nUOwtkl%2B14h2aTgIvyS2%2FZfgMHNC3tCyogACkckuSLNRC0aS2ju7%2BHMcxC8JPkVv6j9hFh26IaRkfxMSmIc5Zll8%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
62686b71489ec2a9-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
blank_004.htm
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/ Frame C1E9
1 KB
1 KB
Document
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_004.htm
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0b06a4617f162a9a1ea5fc8cfb96ffbf12eb499cd20daa543aff07ce2982ff

Request headers

Host
www.winnerpillow.cyou
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d106c05b5ba0ca36fbaad34914928e2431614161666

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 08 Mar 2019 16:49:38 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
0875217ad300004dc4fda65000000001
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cNHjWitEoD2K9TVR4jl4d%2Fm4qi83JztuFN4imYksZT2eULccBOnRnrKZiM5elrtrvAgNin1i0nZeugB%2BWlPLMLP0EXhEhwN6sacmI%2F9%2BndGM6Qtsk85AtOWzYRt5chFnkhU%3D"}]}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
62686b7159de4dc4-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
bitcoingr_files.JPG
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/
211 KB
212 KB
Image
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/bitcoingr_files.JPG
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
83f2ecc1dd7e409ae0925643c518563427a6b9075c9ae081071bb939ff5b8035

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr.php?sid=866949&h=1vHy0Mtx8dbrTRhb7iLlIyCao0tw9pu7tlQyxeF5QTY/WugcMmqkB-_YID9uWW-atpEOlyvMRGKTMASiGYK4HXYgSEwIA0Iy9nhCpj3qg5nc4R7pn_ws-FUiZBUJdPVkbCk6X6WbqXOJIKmK7tbTDjRYEITjjAN6ANhSGY17GLWozdtILD5moYcW5zr3LsDH0g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
1615
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
215800
cf-request-id
0875217ad500004e6d7414e000000001
Last-Modified
Fri, 08 Mar 2019 16:49:35 GMT
Server
cloudflare
ETag
"5c829d1f-34af8"
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GTgTvZ%2FtTSwC9YRylH1N5%2FP39oP5qY4dkqLb2xnZgx9dW4lKsiVoGedsPnikyP%2FIBhRBrMgCVqRKHcHUNfQ6du33xeFCKr9ieNZ6dZuomigY1VY0CgoxwNXx8a3L%2BxVcNm4%3D"}]}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
62686b7159c54e6d-FRA
inject.css
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_002_data/ Frame 7501
4 KB
2 KB
Stylesheet
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_002_data/inject.css
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_002.htm
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_002.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
1615
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217b3f00000742519ae000000001
Last-Modified
Fri, 08 Mar 2019 16:49:47 GMT
Server
cloudflare
ETag
W/"5c829d2b-f28"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BGg5rc%2BWLcz6qR1YlT5DP%2FYBFjo4tIel2Uu3p3hM9wNCEQN0qkuuNkzoBQyImQ2zDpjmEYYLdbhkxaLJ5Nsk%2B%2FlkZ0kxUL2DWRhgq9XC7G1cezu0hXsZ7sEDSAc5g43iBi0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
62686b71ff6d0742-FRA
inject.css
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_003_data/ Frame 5198
4 KB
2 KB
Stylesheet
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_003_data/inject.css
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_003.htm
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_003.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
3148
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217b520000c2a927a2f000000001
Last-Modified
Fri, 08 Mar 2019 16:49:48 GMT
Server
cloudflare
ETag
W/"5c829d2c-f28"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bwkyTIYh6S9mYgAxorRO%2BY%2FPVsYp7yAkGE1S61%2BkQi%2Bj780RNXm1XycwRvFHiLdzB2B5ONhonR0Fb6LGKJ35UXRULfUwyKyE0luyiELFUSEGT5AsRs1KsU0gub5CW%2FsBPu4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
62686b72196ec2a9-FRA
inject.css
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_data/ Frame 1709
4 KB
2 KB
Stylesheet
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_data/inject.css
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank.htm
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
4018
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217b5d000097d2b68d1000000001
Last-Modified
Fri, 08 Mar 2019 16:49:53 GMT
Server
cloudflare
ETag
W/"5c829d31-f28"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rvqlEXnSrRQ0UR4ic3%2Fj8dlGPcluaFGcVk5QDu%2BxU85rwUQnpTgFDGgrXphVPR440aHLkW0sgoAkirbF4yCCkc1KwXSMr%2BpCvA6Zu%2Bupm2VvI8bjcRJXu69UlZnD%2Fwo3dZs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
62686b722d3997d2-FRA
inject.css
www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_data_002/ Frame C1E9
4 KB
2 KB
Stylesheet
General
Full URL
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_data_002/inject.css
Requested by
Host: www.winnerpillow.cyou
URL: http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_004.htm
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:ba67, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

Referer
http://www.winnerpillow.cyou/clicks/chapter2/bitcoingr_files/blank_004.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 10:14:26 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1615
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0875217b6800004dc4eb238000000001
Last-Modified
Fri, 08 Mar 2019 16:49:55 GMT
Server
cloudflare
ETag
W/"5c829d33-f28"
Vary
Accept-Encoding
Report-To
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wdFZslqSriLjmpf0yTowZStgxholy%2FVSukyjtncsWOKnv45taX5V03QMokJR7rLLY4Oe2p0Tn%2BK67iCLKo2sgyVLFbtRGBE%2FQxjVM6deKLdlWIYoKaS0gJq7XF%2F2CFVsQh4%3D"}]}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
62686b723bb14dc4-FRA


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery

1 Cookies

Domain/Path: .winnerpillow.cyou/
Name: __cfduid
Value: d106c05b5ba0ca36fbaad34914928e2431614161666