Submitted URL: http://champd.com/
Effective URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemob...
Submission: On February 24 via manual from LU

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 23 HTTP transactions. The main IP is 62.113.194.12, which is located in Germany and belongs to TTM, DE. The main domain is free.gimmedatvbucks.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 22nd 2019. Valid for: 3 months.
This is the only time free.gimmedatvbucks.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 109.201.133.69 43350 (NFORCE)
2 54.147.214.17 14618 (AMAZON-AES)
1 1 35.156.197.146 16509 (AMAZON-02)
3 62.113.194.12 47447 (TTM)
2 2a00:1450:400... 15169 (GOOGLE)
15 2600:9000:200... 16509 (AMAZON-02)
23 6
Domain Requested by
15 cdn.cloudcnt.com free.gimmedatvbucks.xyz
3 free.gimmedatvbucks.xyz usd.dauid-iep.com, free.gimmedatvbucks.xyz
2 fonts.googleapis.com free.gimmedatvbucks.xyz
2 champd.com 1 redirects
1 qs1ng.bemobtrk.com 1 redirects
1 usd.dauid-iep.com usd.photios-raj.com
1 usd.photios-raj.com champd.com
23 7

This site contains links to these domains. Also see Links.

Domain
qs1ng.bemobtrk.com
Subject                  Issuer                        Validity                 Valid
free.gimmedatvbucks.xyz  Let's Encrypt Authority X3    2019-02-22 - 2019-05-23  3 months
*.googleapis.com         Google Internet Authority G3  2019-01-29 - 2019-04-23  3 months
*.cloudcnt.com           Amazon                        2018-08-15 - 2019-09-15  a year

This page contains 1 frames:

Primary Page: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Frame ID: C9E74C9A8950F461852B142E3F53E2F0
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

23 Requests
87 % HTTPS
33 % IPv6
7 Domains
7 Subdomains
6 IPs
4 Countries
1362 kB Transfer
2462 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://champd.com/ Page URL
  2. http://champd.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=5be79520-380c-11e9-8c28-9ae66e13028e HTTP 302
    http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc Page URL
  3. http://usd.dauid-iep.com/zcredirect?visitid=5bffbb03-380c-11e9-b1e4-128755bf306e&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://qs1ng.bemobtrk.com/go/8039fab2-b378-49e5-a703-3a33a6d013f8?cid=zr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a&target=bravo-act-giPhQDuv&source=badious-buzzard&keyword=champs%2Cchampd%2Cchampd.com&match=&traffic_type=DOMAIN&geo=DE&visitor_type=NON-ADULT&age=&education=&ethnicity= HTTP 302
    https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://champd.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=5be79520-380c-11e9-8c28-9ae66e13028e HTTP 302
  • http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
champd.com/
288 B
582 B
Document
General
Full URL
http://champd.com/
Protocol
HTTP/1.1
Server
109.201.133.69 Rosendaal, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
champd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

server
nginx
date
Sun, 24 Feb 2019 08:15:33 GMT
content-length
288
set-cookie
sid=5be79520-380c-11e9-8c28-9ae66e13028e; path=/; domain=champd.com; HttpOnly
cache-control
max-age=0, private, must-revalidate
content-type
text/html; charset=utf-8
connection
close
5bffbb03-380c-11e9-b1e4-128755bf306e
usd.photios-raj.com/zcvisitor/
Redirect Chain
  • http://champd.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&uuid=5be79520-380c-11e9-8c28-9ae66e13028e
  • http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc
1004 B
2 KB
Document
General
Full URL
http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc
Requested by
Host: champd.com
URL: http://champd.com/
Protocol
HTTP/1.1
Server
54.147.214.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-147-214-17.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
694fbc8a84bba0253f58ff336e7f09f500073a986b54d2230b019dc5aed21f86
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.photios-raj.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://champd.com/
Accept-Encoding
gzip, deflate

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Date
Sun, 24 Feb 2019 08:15:34 GMT
Server
ZeroPark-Traffic
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

server
nginx
date
Sun, 24 Feb 2019 08:15:34 GMT
content-length
11
cache-control
max-age=0, private, must-revalidate
connection
close
location
http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc
zcredirect
usd.dauid-iep.com/
832 B
1 KB
Document
General
Full URL
http://usd.dauid-iep.com/zcredirect?visitid=5bffbb03-380c-11e9-b1e4-128755bf306e&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usd.photios-raj.com
URL: http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc
Protocol
HTTP/1.1
Server
54.147.214.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-147-214-17.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
0d514b52e0fa4ba2e0cde58fd3abd0b8aeab42bcffb012785b9564090a0e7d25
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.dauid-iep.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://usd.photios-raj.com/zcvisitor/5bffbb03-380c-11e9-b1e4-128755bf306e?campaignid=98ef7ad0-3755-11e9-b058-0a157bfa6bfc
Accept-Encoding
gzip, deflate

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Date
Sun, 24 Feb 2019 08:15:34 GMT
redirected
JS
Server
ZeroPark-Traffic
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
transfer-encoding
chunked
Connection
keep-alive
Primary Request /
free.gimmedatvbucks.xyz/
Redirect Chain
  • https://qs1ng.bemobtrk.com/go/8039fab2-b378-49e5-a703-3a33a6d013f8?cid=zr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a&target=bravo-act-giPhQDuv&source=badious-...
  • https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861...
983 KB
581 KB
Document
General
Full URL
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Requested by
Host: usd.dauid-iep.com
URL: http://usd.dauid-iep.com/zcredirect?visitid=5bffbb03-380c-11e9-b1e4-128755bf306e&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
f8d21a96713079095d697a166809289061e0ddb5a581a6a4e5de3f546cee79de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
free.gimmedatvbucks.xyz
:scheme
https
:path
/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://usd.dauid-iep.com/zcredirect?visitid=5bffbb03-380c-11e9-b1e4-128755bf306e&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 24 Feb 2019 08:15:35 GMT
content-type
text/html; charset=UTF-8
cdn-pullzone
59512
cdn-edgeid
481
cdn-uid
2a3ad12e-08c4-4010-9a91-8fb48f2e6af9
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cdn-cachedat
2019-02-23 21:08:29
cache-control
public, max-age=2592000
cdn-requestid
dd4ad27d4e967d4b081800389bbb73ea
server
BunnyCDN-DE1-481
cdn-cache
HIT
content-encoding
br

Redirect headers

Server
nginx
Date
Sun, 24 Feb 2019 08:15:35 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1376
Connection
keep-alive
Access-Control-Allow-Origin
*
Set-Cookie
bemob-uniq-visit:8039fab2-b378-49e5-a703-3a33a6d013f8=1; Domain=qs1ng.bemobtrk.com; Path=/; Expires=Mon, 25 Feb 2019 08:15:35 GMT; HttpOnly bemob-track-url=https%3A%2F%2Ffree.gimmedatvbucks.xyz%3Fdevice_model%3DApple%2520Macintosh%26browser_ver%3DChrome%252067%26browser%3DChrome%26device_vendor%3DApple%26bemobdata%3Dc%253D8039fab2-b378-49e5-a703-3a33a6d013f8..f%253D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%253D1..b%253D0..e%253Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%253Dbravo-act-giPhQDuv..c2%253Dbadious-buzzard..c3%253Dchamps%25252Cchampd%25252Cchampd.com..c5%253DDOMAIN..c6%253DDE..c7%253DNON-ADULT..r%253Dhttp%25253A%25252F%25252Fusd.dauid-iep.com%25252Fzcredirect%25253Fvisitid%25253D5bffbb03-380c-11e9-b1e4-128755bf306e%252526type%25253Djs%252526browserWidth%25253D1600%252526browserHeight%25253D1200%252526iframeDetected%25253Dfalse; Domain=qs1ng.bemobtrk.com; Path=/; Expires=Mon, 25 Feb 2019 08:15:35 GMT; HttpOnly
Location
https://free.gimmedatvbucks.xyz?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Vary
Accept
X-Response-Time
10.980ms
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubDomains
css
fonts.googleapis.com/
34 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
fb1f9d5bb0e63970cd6637d96469272587c1fb097cbb18a5794632ef649e52b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 24 Feb 2019 08:15:35 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 24 Feb 2019 08:15:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 24 Feb 2019 08:15:35 GMT
css
fonts.googleapis.com/
432 B
389 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Indie+Flower
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
55754f6c46d0e6741b6d7f41677375d74bb41f096bcc52918ff7dd952ffad062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 24 Feb 2019 08:15:35 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 24 Feb 2019 08:15:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sun, 24 Feb 2019 08:15:35 GMT
truncated
/
229 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
166df35ee4afc1e102dac4cb7cd9c7515e12b86ed2eed04b3a1eaa9324430fc6

Request headers

Response headers

Content-Type
image/jpeg
truncated
/
234 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abd520e3a7770455c8a8974c79229ab96547293c95e1facd68f7c38d3056a276

Request headers

Response headers

Content-Type
image/png
5b56f8180a913.jpg
cdn.cloudcnt.com/content/image/
158 KB
158 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b56f8180a913.jpg
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
6dd5b09c94702a70cbbe7330ad532ccf05e9d07da1b719f6d2c2a93436630e41
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 19:19:06 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
132989
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
f9UJ5w3hSyCwrOKhdr7A52Gjqhqhzwxs5dJF0GWNhUPIhEgWyixMIQ==
x-content-type-options
nosniff
5b4de38d5c361.png
cdn.cloudcnt.com/content/image/
7 KB
7 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b4de38d5c361.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
21bec9d612e8760ff66457ecf60a6429b7e3773ad3d17d9879b27c45919efc08
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 16:53:37 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
141718
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
rw-DxtQ2j1gPOiC2lzXwKQpaBnxCy1-wPp1lG0MiBzq4YWwoPrCzpg==
x-content-type-options
nosniff
5b4dea2159800.jpeg
cdn.cloudcnt.com/content/image/
2 KB
2 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b4dea2159800.jpeg
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
2a64d97426db2b483cbabdb21020bc7d69c7644aeb59cf725fc448cd2a8d87fb
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 16:55:00 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
141635
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
tpYbyiAtBkjk3sNeo_yWQvraeFQm5SYkNb0vkAemZf171o0Nz2VxFQ==
x-content-type-options
nosniff
5b4eee292c39f.png
cdn.cloudcnt.com/content/image/
4 KB
4 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b4eee292c39f.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
338c88e8b33b33d288a758ee3f69f4abb5bbbb22783c3d719ad34a688ff7f2e7
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 15:11:20 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
147855
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
HAwKeqEAmGMlze25cOOAW1bbiNi5sH_B9YEQIwqDVba-AqwaW_8IYg==
x-content-type-options
nosniff
5c37204b220a9.png
cdn.cloudcnt.com/content/image/
7 KB
8 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c37204b220a9.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94091d6ccb6bfc275e9f7c902d8c01e1eed0cd988818ef045b9ec894008d72bd
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 11:41:25 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
246850
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
Q1kmWzKvVanUgE35RpVv-f1bZ-bnyOTlFP6J2G4OV7791fl0ca634g==
x-content-type-options
nosniff
5b4f2f04924bf.jpg
cdn.cloudcnt.com/content/image/
17 KB
17 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b4f2f04924bf.jpg
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
9bebb341bb792fa3290d2e551ca02c77e9ffb7a35e3fc43e27e89c05e8a998a6
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 11:34:32 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
247263
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
Tus1uWwikTPcoq1FkL157S3Gd-PNgFa1-paYy-GdXUk8NNUJRg5rVg==
x-content-type-options
nosniff
5b4f35f5a49e5.png
cdn.cloudcnt.com/content/image/
46 KB
47 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b4f35f5a49e5.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
f6262e7eeca9bee97e48d0becc26526d75bef39b69ee393a5531b4dc3d9104ee
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 12:53:58 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
69697
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
jycMQRkRQFpBhcULGYdA69L6nyzmPupCD6x7mOBN1vbHKFi31aO-5Q==
x-content-type-options
nosniff
5b8fd99c2d875.jpg
cdn.cloudcnt.com/content/image/
12 KB
13 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b8fd99c2d875.jpg
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
507a4c8f47d4fbcf9d367aff5ce3b4b09d4b1efe7baa8b64da7ad8be03963f6d
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 11:36:12 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
247163
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
ShIgY29PqJIIpFz4dBqFUS0YgJxrVYdol001O_RUKmgmf4BNTDJWIg==
x-content-type-options
nosniff
5be18f9d1d412.png
cdn.cloudcnt.com/content/image/
4 KB
4 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5be18f9d1d412.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a38872e18569051fc2c20def0a5f2f16761718578ca089bb6e482f9e2192cfe4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 11:34:32 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
247263
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
nkBJDOLagUX2_wFPGMopNcaE_mrDuStojq2cIMXkqyH8Is5JeTpoUw==
x-content-type-options
nosniff
5be563e267de8.jpg
cdn.cloudcnt.com/content/image/
397 KB
398 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5be563e267de8.jpg
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
608091f9561b95e27bb731e72f54d870d79fa9719103c4a40e0cc8fa9cfb679b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 10:56:44 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
163131
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
HZX3Vn87XE_iVdnWa-SYTgnyXMXsLJuYRpIJnbOBQ2DmLgm-qXe6qA==
x-content-type-options
nosniff
5c055ab1a28de.png
cdn.cloudcnt.com/content/image/
5 KB
5 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c055ab1a28de.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e1da253b2229bbc391384d96d1a3ebbf3c4684a505dc19fa98106280268c4d60
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 19:13:46 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
133309
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
hgpQXxdhXcUtKL3ban4QCzFCirvcBb5-dMP7sh4DHylekOWyADiVNA==
x-content-type-options
nosniff
5c332304256c6.png
cdn.cloudcnt.com/content/image/
7 KB
8 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c332304256c6.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d355f81c3cd98a1e188f253a539c28bb06d510ba91c80441985c38a7440d3943
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 11:39:11 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
246984
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
rQwZv3t_Gf-TvURtQidZGyHBO97UtOY6fP2etn10oC3SEibvLnEm3g==
x-content-type-options
nosniff
5c4f14b042940.png
cdn.cloudcnt.com/content/image/
12 KB
13 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c4f14b042940.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a8eebd6e302f59fd0dab703e038da2ba2abb6e310cab1d109e5261c817eb767c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 14:42:15 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
236000
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
t9vNyyfX9PgaGnLgNTNPKc1sK3y3RCqiZCv8t0YIBNFKhPyicNEJiQ==
x-content-type-options
nosniff
5c5d97e9c10fc.jpg
cdn.cloudcnt.com/content/image/
3 KB
3 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c5d97e9c10fc.jpg
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
89de83a084e7c11c6c398a74d3c52f1396a29a52193b7b2f9271da871a838ba7
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 14:53:47 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
62508
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
D67a_SXp3v2GHCgIC4J7XLPmYSBEKCeCaBHPZf4MeKoe628-f2U2Hw==
x-content-type-options
nosniff
5c054dac59d94.png
cdn.cloudcnt.com/content/image/
46 KB
47 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c054dac59d94.png
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:fa00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
f6262e7eeca9bee97e48d0becc26526d75bef39b69ee393a5531b4dc3d9104ee
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 15:06:46 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
234529
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-xss-protection
1; mode=block
cache-control
max-age=259200
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-id
p72-jNyAnLxkTU-dPDJwy1cvHySB69AMEiLicXl2zpuiEMvHCcEDyw==
x-content-type-options
nosniff
jquery.js
free.gimmedatvbucks.xyz/
85 KB
32 KB
Script
General
Full URL
https://free.gimmedatvbucks.xyz/jquery.js
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/jquery.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
free.gimmedatvbucks.xyz
referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
:scheme
https
:method
GET

Response headers

date
Sun, 24 Feb 2019 08:15:35 GMT
content-encoding
br
cdn-edgeid
481
status
200
cdn-cachedat
2019-02-23 21:08:30
cdn-pullzone
59512
x-xss-protection
1; mode=block
last-modified
Fri, 22 Feb 2019 19:39:01 GMT
server
BunnyCDN-DE1-481
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cdn-uid
2a3ad12e-08c4-4010-9a91-8fb48f2e6af9
cache-control
public, max-age=2592000
cdn-requestid
bf91bae99547e3cc6338b0f52ed7a54e
cdn-cache
HIT
x-content-type-options
nosniff
truncated
/
159 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d0687d45c9d362f9b948a5f207dee0cdc3ef83fff78c0223acc581559a2c4d5

Request headers

Response headers

Content-Type
image/png
beep-07.wav
free.gimmedatvbucks.xyz/
9 KB
10 KB
Media
General
Full URL
https://free.gimmedatvbucks.xyz/beep-07.wav
Requested by
Host: free.gimmedatvbucks.xyz
URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
8b21c1906ec134d7cfdee540bdeb6a1b67d558d8d9f8f0d766ac767e5e1ec676
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/beep-07.wav
pragma
no-cache
accept-encoding
identity;q=1, *;q=0
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
chrome-proxy
frfr
accept
*/*
cache-control
no-cache
:authority
free.gimmedatvbucks.xyz
referer
https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse
:scheme
https
range
bytes=0-
:method
GET

Response headers

date
Sun, 24 Feb 2019 08:15:35 GMT
cdn-edgeid
481
status
206
cdn-cachedat
2019-02-23 21:08:30
cdn-pullzone
59512
Content-Length
9702
x-xss-protection
1; mode=block
Content-Range
bytes 0-9701/9702
last-modified
Fri, 22 Feb 2019 20:28:39 GMT
server
BunnyCDN-DE1-481
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
audio/x-wav
access-control-allow-origin
*
cdn-uid
2a3ad12e-08c4-4010-9a91-8fb48f2e6af9
cache-control
public, max-age=2592000
cdn-requestid
be64c26cf0fb287dd66fa40f046162ad
cdn-cache
HIT
x-content-type-options
nosniff

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
object| KAKI
function| $
function| jQuery
number| t

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://free.gimmedatvbucks.xyz/?device_model=Apple%20Macintosh&browser_ver=Chrome%2067&browser=Chrome&device_vendor=Apple&bemobdata=c%3D8039fab2-b378-49e5-a703-3a33a6d013f8..f%3D522f1fa5-2ed4-4861-aa83-85ee0b0449f7..a%3D1..b%3D0..e%3Dzr5bffbb03380c11e9b1e4128755bf306e48623ab4c2fb427d86f38ccc2e50bc9403636862645b617a6a..c1%3Dbravo-act-giPhQDuv..c2%3Dbadious-buzzard..c3%3Dchamps%252Cchampd%252Cchampd.com..c5%3DDOMAIN..c6%3DDE..c7%3DNON-ADULT..r%3Dhttp%253A%252F%252Fusd.dauid-iep.com%252Fzcredirect%253Fvisitid%253D5bffbb03-380c-11e9-b1e4-128755bf306e%2526type%253Djs%2526browserWidth%253D1600%2526browserHeight%253D1200%2526iframeDetected%253Dfalse(Line 1)
Message:
Notifications disabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
