urlscan.io logo urlscan.io
SecurityTrails logo

www.viraldestination.com Open in urlscan Pro
2a00:1450:4001:831::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.viraldestination.com/
Effective URL: https://www.viraldestination.com/
Submission: On July 30 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 26 domains to perform 112 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.viraldestination.com.
TLS certificate: Issued by GTS CA 1D4 on July 24th 2021. Valid for: 3 months.
This is the only time www.viraldestination.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 2.18.235.93 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
19 104.19.132.78 13335 (CLOUDFLAR...)
29 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.102.149.62 15169 (GOOGLE)
1 3 13.224.96.53 16509 (AMAZON-02)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.117.200.100 16625 (AKAMAI-AS)
5 5 3.66.53.222 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 104.16.221.74 13335 (CLOUDFLAR...)
1 1 109.206.188.82 50245 (SERVEREL-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 1 142.250.184.226 15169 (GOOGLE)
2 2 13.248.242.197 16509 (AMAZON-02)
2 2 54.225.68.204 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 35.212.212.222 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
22 2606:4700:303... 13335 (CLOUDFLAR...)
112 24
5    2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.viraldestination.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
lg3.media.net
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
19    104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
29    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
themes.googleusercontent.com
tpc.googlesyndication.com
lh3.googleusercontent.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
1.bp.blogspot.com
1    34.102.149.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.149.102.34.bc.googleusercontent.com
navvy.media.net
3    13.224.96.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net
sb.scorecardresearch.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    3.66.53.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-53-222.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    109.206.188.82 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net
sync.e-volution.ai
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
2    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    54.225.68.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-68-204.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4602:4614:a08b:388f:2234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
22    2606:4700:3030::ac43:dfa8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.fitnessandpower.com
Apex Domain
Subdomains		 Transfer
27 googleusercontent.com
themes.googleusercontent.com
lh3.googleusercontent.com
2 MB
22 fitnessandpower.com
www.fitnessandpower.com
1 MB
19 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
149 KB
11 media.net
contextual.media.net
lg3.media.net
navvy.media.net
143 KB
7 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
175 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
11 KB
5 viraldestination.com
www.viraldestination.com
124 KB
3 liadm.com
i.liadm.com
i6.liadm.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
5 KB
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
755 B
2 creativecdn.com
creativecdn.com
687 B
2 adsrvr.org
match.adsrvr.org
905 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 blogspot.com
3.bp.blogspot.com
1.bp.blogspot.com
90 KB
2 gstatic.com
fonts.gstatic.com
20 KB
2 google.com
adservice.google.com
www.google.com
1 KB
1 lentainform.com
cm.lentainform.com
496 B
1 e-volution.ai
sync.e-volution.ai
463 B
1 idealmedia.io
cm.idealmedia.io
413 B
1 blogger.com
www.blogger.com
80 KB
1 googleapis.com
ajax.googleapis.com
30 KB
1 googletagservices.com
www.googletagservices.com
28 KB
1 google.de
adservice.google.de
853 B
1 googleadservices.com
partner.googleadservices.com
664 B
112 26
Domain Requested by
26 lh3.googleusercontent.com www.viraldestination.com
22 www.fitnessandpower.com
7 cm.mgid.com jsc.mgid.com
www.viraldestination.com
7 contextual.media.net www.viraldestination.com
contextual.media.net
5 x.bidswitch.net 5 redirects
5 pagead2.googlesyndication.com www.viraldestination.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.viraldestination.com 1 redirects www.viraldestination.com
4 s-img.mgid.com www.viraldestination.com
3 sb.scorecardresearch.com 1 redirects jsc.mgid.com
www.viraldestination.com
3 c.mgid.com jsc.mgid.com
3 lg3.media.net www.viraldestination.com
contextual.media.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 rtb-usw.mfadsrvr.com 2 redirects
2 creativecdn.com 2 redirects
2 i.liadm.com 2 redirects
2 match.adsrvr.org 2 redirects
2 ads.betweendigital.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 cdn.mgid.com www.viraldestination.com
2 fonts.gstatic.com www.viraldestination.com
2 jsc.mgid.com www.viraldestination.com
jsc.mgid.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 1.bp.blogspot.com
1 www.google.com tpc.googlesyndication.com
1 token.rubiconproject.com eus.rubiconproject.com
1 i6.liadm.com www.viraldestination.com
1 cm.g.doubleclick.net 1 redirects
1 cm.lentainform.com www.viraldestination.com
1 pixel.rubiconproject.com www.viraldestination.com
1 sync.e-volution.ai 1 redirects
1 cm.idealmedia.io www.viraldestination.com
1 secure-assets.rubiconproject.com 1 redirects
1 navvy.media.net contextual.media.net
1 servicer.mgid.com jsc.mgid.com
1 3.bp.blogspot.com www.viraldestination.com
1 www.blogger.com www.viraldestination.com
1 ajax.googleapis.com www.viraldestination.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 themes.googleusercontent.com www.viraldestination.com
112 42
Subject Issuer Validity Valid
www.viraldestination.com
GTS CA 1D4		 2021-07-24 -
2021-10-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.viraldestination.com/
Frame ID: 7C4679CF8B0C1A132C9496EDA29C5376
Requests: 103 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/zrt_lookup.html
Frame ID: CAF9B692EEE46077C95F0EEEDEDFDFEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4484246600752286&output=html&adk=1812271804&adf=3025194257&lmt=1627517539&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.viraldestination.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627683811263&bpp=97&bdt=74&idt=97&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2737403752615&frm=20&pv=2&ga_vid=723354929.1627683811&ga_sid=1627683811&ga_hid=308435155&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=636373130508539&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
Frame ID: 8D3F8B27BDAEA764D3E17F32509C1C5C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2J87N4&https=1&itype=CM
Frame ID: 1D43E65B3929078601C03662FBEF85A4
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63092.js
Frame ID: C9AE4C09777403CB0EFC7CD0D7320129
Requests: 8 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=16276838122501064165
Frame ID: 99F9A86E66E5A825C6C028F332B1F9A6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 9986AA4781E96EC25B97B84DC70E8473
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3059BDA7331E289A0AA42EE1675EA9AD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7680F45ABF92A0A2118F74E1670845F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.viraldestination.com/ HTTP 301
    https://www.viraldestination.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

112
Requests

100 %
HTTPS

41 %
IPv6

26
Domains

42
Subdomains

24
IPs

4
Countries

4015 kB
Transfer

5533 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.viraldestination.com/ HTTP 301
    https://www.viraldestination.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 47
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=5c8a31e1-81b5-52d4-8057-dffbe153a41f&ssp=mgid&expires=30&user_group=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=5d781f9c-76b6-40c9-86cb-4f614af3e55f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 49
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l6uvVAYePonf HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Request Chain 51
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDZ1dlZBWWVQb25m&muidn=l6uvVAYePonf HTTP 302
  • https://cm.mgid.com/google?muidn=l6uvVAYePonf&google_ula={guid},5&google_gid=CAESEDZMgDdO3e8GWW6xlpAx-0I&google_cver=1
Request Chain 52
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=e4367f90-44de-4156-b75f-2cebf9dde7e1&ttl=1630275812
Request Chain 53
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l6uvVAYePonf HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l6uvVAYePonf HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f HTTP 303
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f&_li_chk=true&previous_uuid=c31490a205204fa78c453fa2e0546795 HTTP 303
  • https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f
Request Chain 54
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=AYqqquoaRW4vlmeHZGin&pi=mgid&tc=1
Request Chain 55
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=00311d0c-0e7a-4d85-b429-48e5881d47c4
Request Chain 56
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1627683812367&ns_c=UTF-8&cv=3.5&c8=ViralDestination&c7=https%3A%2F%2Fwww.viraldestination.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627683812367&ns_c=UTF-8&cv=3.5&c8=ViralDestination&c7=https%3A%2F%2Fwww.viraldestination.com%2F&c9=

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.viraldestination.com/
Redirect Chain
  • http://www.viraldestination.com/
  • https://www.viraldestination.com/
278 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a02afff71f06135cc8ed75db0f5ab43714ef90b3023edd3871105e7448242230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.viraldestination.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Fri, 30 Jul 2021 22:23:31 GMT
date
Fri, 30 Jul 2021 22:23:31 GMT
cache-control
private, max-age=0
last-modified
Thu, 29 Jul 2021 00:12:19 GMT
etag
W/"54129e2c65a5959ecd902b032c436bc8ea49f3c647877f8c5644fd215fdc04d4"
x-robots-tag
all,noodp
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
62689
server
GSE

Redirect headers

Location
https://www.viraldestination.com/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Fri, 30 Jul 2021 22:23:30 GMT
Expires
Fri, 30 Jul 2021 22:23:30 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
X-XSS-Protection
1; mode=block
Content-Length
179
Server
GSE
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d77db41dc4c7b8c130a5569ce570646d824303b3909cbfc8767a5c513b4c9140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49341
x-xss-protection
0
server
cafe
etag
5430280584477430018
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 22:23:31 GMT
dmedianet.js
contextual.media.net/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU2J87N4
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f5700a8485b6e08e56ea4cea1b64761479e41f63f63df186133bbfbb77af3e87
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
10-16
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"b8ef13fec486f7a579f9a766c567ba2e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 30 Jul 2021 22:23:31 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-31
expires
Fri, 30 Jul 2021 22:28:31 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95279
x-xss-protection
0
server
cafe
etag
1002108113196412170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Jul 2021 22:23:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/ Frame CAF9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210728/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.viraldestination.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.viraldestination.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 30 Jul 2021 01:35:11 GMT
expires
Fri, 13 Aug 2021 01:35:11 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
74900
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
viraldestination.com.1118687.js
jsc.mgid.com/v/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/viraldestination.com.1118687.js
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2538b2a6b4f3d02370d5afa594aab7e471c6e4676cb95d8056fe0b0883c98480

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
br
cf-cache-status
HIT
age
7119
last-modified
Tue, 27 Jul 2021 14:47:50 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
5WT5MXHY66FDBY33
x-amz-id-2
qlxO+tKEaTUWeW4yAxBNHcz/3Dktaq6U4aAJLIZaNkc2m2AtBfL5uriS1Ry8QVczOvZWSRYrTR8=
cf-bgj
minify
server
cloudflare
etag
W/"52241854e0b1790c2a5f7fc60de9cf9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6771fded3a0632ad-CDG
expires
Sat, 31 Jul 2021 01:23:31 GMT
image
themes.googleusercontent.com/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themes.googleusercontent.com/image?id=1BiwbBGBzFRCdQNRu7DQafNKBMwYGKATAsa2y6lsE73QKHNDKCrd5hX9dYpMkWFR6G_PG
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d4772917ddfb74ada4f2dd317e3db720caaae0fc3c6ed380898124803ab044d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118623
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.viraldestination.com&callback=_gfp_s_&client=ca-pub-4484246600752286
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
aa801cb285b674dcfb44e2c93cbad84b09625144323b8060a79427e4a11cf818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.viraldestination.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.viraldestination.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D3F 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4484246600752286&output=html&adk=1812271804&adf=3025194257&lmt=1627517539&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.viraldestination.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627683811263&bpp=97&bdt=74&idt=97&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2737403752615&frm=20&pv=2&ga_vid=723354929.1627683811&ga_sid=1627683811&ga_hid=308435155&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=636373130508539&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-4484246600752286&output=html&adk=1812271804&adf=3025194257&lmt=1627517539&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.viraldestination.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627683811263&bpp=97&bdt=74&idt=97&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2737403752615&frm=20&pv=2&ga_vid=723354929.1627683811&ga_sid=1627683811&ga_hid=308435155&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=636373130508539&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.viraldestination.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.viraldestination.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 30 Jul 2021 22:23:31 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 22:38:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627644667915703"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Fri, 30 Jul 2021 22:23:31 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22df6f5eb095e7178122e3fa56cfd1dfd360b11991fff2e55fb4d7606c682141

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		365 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		1008 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		634 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e394e4104c33965e3b520818ecd2d104d5d9f99be53f7b95a1b5d30360c0bb9c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 00:15:17 GMT
x-content-type-options
nosniff
age
338894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9864
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:31:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:15:17 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Jul 2022 22:14:01 GMT
truncated
/ 		95 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63341bdb393e25837cdbb6fd2a69dae26308959238e382e86c5e9732e070049b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4447ed412adabee6f2b76183006769a343b840bcd12dca46d08f848aa5ad34e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
fcmain.js
contextual.media.net/1017354394/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU2J87N4&cpcd=CBEiW6cZUU6wOmI9UX3sgw%3D%3D&crid=830781605&size=160x600&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwww.viraldestination.com%2F&nse=5&vi=1627683811193352275&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2J87N4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52248ecce8ea033c7bdf3cc6b5592a94c1c015b8e6a343e5c197c9d115e5e0cc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
10-4
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
date
Fri, 30 Jul 2021 22:23:32 GMT
x-mnt-w
21-bmq2, 21-75m4
content-length
24427
expires
Fri, 30 Jul 2021 22:23:32 GMT
checksync.php
contextual.media.net/ Frame 1D43 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2J87N4&https=1&itype=CM
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6699dfecfadc3f279a5edecb35a30e392a6b907ccdc7fdb6e477d3f236180484
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2J87N4&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.viraldestination.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.viraldestination.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 31 Jan 2022 22:23:31 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 01 Aug 2021 22:23:31 GMT
date
Fri, 30 Jul 2021 22:23:31 GMT
content-length
5706
bping.php
lg3.media.net/ 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU2J87N4&crid=830781605&vi=1627683811193352275&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886993991&r=1627683811466&requrl=https%3A%2F%2Fwww.viraldestination.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1627683811129238602&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p1108708521t202107302223&vgd_pgids=1&vgd_uspa=0&hvsid=00001627683811463015095070728252&gdpr=1&vgd_end=1
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 30 Jul 2021 22:23:31 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 30 Jul 2021 22:23:31 GMT
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 12:23:35 GMT
x-content-type-options
nosniff
age
295196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9988
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:34:05 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 12:23:35 GMT
viraldestination.com.1118687.es6.js
jsc.mgid.com/v/i/ 		226 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfecfa0d74f3709b57dde701081e11059541fad4234b95309509cb7f92ad8f3

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
br
cf-cache-status
HIT
age
7118
last-modified
Tue, 27 Jul 2021 14:47:50 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
CRVG9M07KCRJQVZE
x-amz-id-2
0UCeGV/5Tasi1t4M1OC0vyzvyO1o7L+rb4UIu+obRj5tr4B0Ff2s6+2IwTSBi/rSpgTH3NynFIs=
cf-bgj
minify
server
cloudflare
etag
W/"fc5fc5ae38cb4b794540f307e345232e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6771fdedf9f7cd8b-CDG
expires
Sat, 31 Jul 2021 01:23:31 GMT
7317598424819051988
www.blogger.com/feeds/6694157898824685794/pages/default/ 		392 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/feeds/6694157898824685794/pages/default/7317598424819051988?alt=json-in-script&callback=garen
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a02ab605a8717ece5e3d683047665f211a0dcdc7d91944fecbaf6688596138d
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 16:27:46 GMT
server
GSE
etag
W/"705f80e7a7744768bec72a5649deceff994be1154d6e36d6b84f67ade46f3b1b"
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
private, max-age=0
date
Fri, 30 Jul 2021 22:23:31 GMT
cross-origin-resource-policy
cross-origin
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81323
x-xss-protection
1; mode=block
expires
Fri, 30 Jul 2021 22:23:31 GMT
log
lg3.media.net/ 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=lnafl&&gdpr=1&cid=8CU2J87N4&requrl=https%3A%2F%2Fwww.viraldestination.com%2F%40-%40mnetugd%3D4%40-%40&con=%22%22&flres=3
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:31 GMT
server
Jetty(9.4.35.v20201120)
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 30 Jul 2021 22:23:31 GMT
/
c.mgid.com/pv/ 		0
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1627683811776748006299&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.viraldestination.com%2F&lu=https%3A%2F%2Fwww.viraldestination.com%2F&sessionId=61047be4-176b6&pageView=1&pvid=17af983f1c1bae61acc&site=700781&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdefac1c32ad-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
br
cf-cache-status
HIT
age
4758
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6771fdefcc3632ad-CDG
expires
Sat, 31 Jul 2021 22:23:31 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:31 GMT
content-encoding
br
cf-cache-status
HIT
age
5051
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6771fdefcc3732ad-CDG
expires
Sat, 31 Jul 2021 22:23:31 GMT
256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6c6436bea6fd5f5baaac25d26ad7c69ea0c4f0d2ad9a6ad638629a1f59119c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 19:35:26 GMT
x-content-type-options
nosniff
age
10086
content-disposition
inline;filename="256-256.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1333
x-xss-protection
0
server
fife
etag
"v4ed"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 06 Jul 2021 23:33:59 GMT
1
servicer.mgid.com/1118687/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1118687/1?pv=5&cbuster=1627683812065930668939&niet=4g&nisd=false&jsv=es6&w=1100&h=275&p3_w=264&p3_h=229&maxw_3=264&maxh_3=229&cols=4&ref=&cxurl=https%3A%2F%2Fwww.viraldestination.com%2F&lu=https%3A%2F%2Fwww.viraldestination.com%2F&sessionId=61047be4-176b6&pageView=1&pvid=17af983f1c1bae61acc&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f4d7800d910b0089e0031e4cf0a94bd8c83df22b1a0889d3c05336588d035d

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf17d8a32ad-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
nrrV63092.js
contextual.media.net/4a/ Frame C9AE 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/4a/nrrV63092.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2J87N4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ee5af628c98422d7e260a0717ccf78ba179a252656049f02def5883915d3e3a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"1e9f183fdcb1439df06b39b382b73fc5"
vary
Accept-Encoding
x-mnet-h
8-10
content-type
text/javascript; charset=utf-8
cache-control
max-age=1209600
date
Fri, 30 Jul 2021 22:23:32 GMT
content-length
29822
expires
Fri, 13 Aug 2021 22:23:32 GMT
1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame C9AE 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800028474/1x1.gif
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
last-modified
Mon, 04 Jun 2018 10:04:19 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=162324
accept-ranges
bytes
content-length
42
expires
Sun, 01 Aug 2021 19:28:56 GMT
truncated
/ Frame C9AE 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C9AE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Open-sans.woff
contextual.media.net/__media__/fonts/Open-sans/ Frame C9AE 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Open-sans/Open-sans.woff
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8b56f5b126fd70a53e7d280ce31a5048a39ef1c2784b280ed7bd53c26165e9a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24884
expires
Sat, 31 Jul 2021 22:23:32 GMT
bullet12.woff
contextual.media.net/__media__/fonts/bullet12/ Frame C9AE 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/bullet12/bullet12.woff
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5216d8d82c0c227f6efb8d924f603fe922e2608740205873d74c8d3e0f3e0c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1716
expires
Sat, 31 Jul 2021 22:23:32 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/492x328/0x39x564x376/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164899/492x328/0x39x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1627683812-q4IBrSIzsQootbOzoRSMTctDgjqIf9zvO_OpuT-me3I
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b309847fc8aa94a0d4cc2895931108c23af9f168d20ba46a4b5b78093811151f

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:19:08 GMT
x-mg-request-uuid
950d8915-5146-4f68-a161-0135774ed072
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6771fdf2687d40b7-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29986
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2I1NWM1M2QxNDIxN2UwNTQyOGRkNzczMDVlYzExNzQ0LmpwZWc.webp
s-img.mgid.com/g/8164858/492x328/0x0x866x577/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164858/492x328/0x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2I1NWM1M2QxNDIxN2UwNTQyOGRkNzczMDVlYzExNzQ0LmpwZWc.webp?v=1627683812-qLeuMnP45v2Y7KQ98bGMULhDhKr4Ehuc5y5eJFxpDqU
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dedd82990391ed8ae215031403f8105bb5c28b73995d5f567d95e55443122de1

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:08:29 GMT
x-mg-request-uuid
0e6a314b-d236-43b6-99fe-9aab016f9593
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6771fdf2687e40b7-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19216
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x328/16x0x492x328/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1627683812-dJlTcN2r1Nnc0wQeW6aPNkEEGLzwAyPIXbi8lpcZfw0
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df205e3074c950bfb046901fe741685bfcebbe84986dcf38d06a531796a1aa89

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:58:24 GMT
x-mg-request-uuid
e1ffd289-302c-4c2c-a652-d28fccf74e40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6771fdf2688040b7-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10296
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x328/0x311x684x456/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1627683812-QjGzGmwzTFNKtIEamkEJZP_-f6Kr3n3S3ZbulmUl-bg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159

Request headers

Origin
https://www.viraldestination.com
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:43:31 GMT
x-mg-request-uuid
5af327f8-e464-4e97-b24b-cc8a94cf1249
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6771fdf2688240b7-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
16586
server
cloudflare
i.js
cm.mgid.com/ 		1 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1627683812233196337835
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4340cf08e4e5aad60d6a020d1c5805fbd43998025c9595f19edc61942f182296

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
2a0313dc-73d9-415c-a7dc-7c25d43315fe
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf28e6332ad-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
bql.php
lg3.media.net/ Frame C9AE 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001627683811463015095070728252&geo=50.12|8.68&dlper=25&lper=100&fp=_8M2n9pwYTy8YQsSFT3y46R3gSVgdw7nKk0glKJSPeGrSd-BCHkM8VrDJmwh_Dl_n9WjuLgW7_INrjUHpEmrmx1rFf_OnFDZpNr3PN2wqjHbfIBBkOve_AyY_kuDZ8PbGaR5XXGcil4%3D&lpid=&tsid=2&q=&prv=&type=&ps=&cme=HCjsJZucZbGHN0M-R0-Ji1zWwWa5TaR9Ac_B-strZl7ULvWUhTwb2JhaB0GpXf7dHSABwrwxLEgA74L1rMvpENUjyVAS3umadOeqJPLS3S7omPn4bCYdk4Um0BOKIPcCAmcgIdldMldhSh1i069udnqcaDEu1fCYLlAS--FeM57xkEIRIEll3gy7Kxt8hPTNlIY7usr8NR4wLuL8QCspX4VffhOh8dDMpcN4Vda8dIwCDnJQGvR5lA%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaGz4zDDqLn_3_4hG_koBtI0tIOZgcPACERv5y_Ee7-x9A%3D%3D%7CN7fu2vKt8_s%3D%7CSugUF8l65XfGW9efTsxpMyqkStQWZYBXiv5RFv8ZO9hGvWBVybM5Y-KVli7L8Jz68dhBLFu-c8k7STTyjaXFhjbGb-ZOOn5mr33tMNtTYht09SdTKKvnVGj_ZhmgEdLb38uss3xMz9IlRRW_O-Y9djRSi_D4BiNUgGYj3cqrWsmpTB4TS8uEUlcc4PIVcqWZUY85FtwcScLa-5Bpmq3tM5yMkUVfn5m7%7C&hint=&td=&cc=DE&wsip=170721327&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=fuoyxQBuG&vgde_setid=Nfu&&rc=0&ksu=207&fdkt=232&kwd[]=Shark%20Tank%20Keto%20Diet&kwt[]=232&kbc[]=8b04e44411149ffa21582d52d24e6b2e.d2s&kwp[]=1&kid[]=329693666&kbc2[]=0%7C%7Cps%3D0.991%7C%7Crpc%3D0.29%7C%7Clvl%3D1.17&ktd[]=274895077632&kwd[]=1200%20Calorie%20Diet%20Menu&kwt[]=232&kbc[]=8b04e44411149ffa21582d52d24e6b2e.d2s&kwp[]=2&kid[]=110010&kbc2[]=0%7C%7Cps%3D0.991%7C%7Crpc%3D0.07%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Diet%20Menu&kwt[]=232&kbc[]=8b04e44411149ffa21582d52d24e6b2e.d2s&kwp[]=3&kid[]=3464637&kbc2[]=0%7C%7Cps%3D0.991%7C%7Crpc%3D0.01%7C%7Clvl%3D1.00&ktd[]=274895077632&kwd[]=Exercises%20to%20Lose%20Arm%20Fat&kwt[]=232&kbc[]=8b04e44411149ffa21582d52d24e6b2e.d2s&kwp[]=4&kid[]=80871034&kbc2[]=0%7C%7Cps%3D0.991%7C%7Crpc%3D0.06%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Diet%20for%20Seniors&kwt[]=232&kbc[]=8b04e44411149ffa21582d52d24e6b2e.d2s&kwp[]=5&kid[]=324846069&kbc2[]=0%7C%7Cps%3D0.991%7C%7Crpc%3D0.14%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Workout%20Routine%20for%20Weight%20Loss&kwt[]=232&kbc[]=8b04e44411149ffa21582d52d24e6b2e.d2s&kwp[]=6&kid[]=185033592&kbc2[]=0%7C%7Cps%3D0.991%7C%7Crpc%3D0.23%7C%7Clvl%3D1.00&ktd[]=274895077632&rand=1627683812201&cid=8CU2J87N4&vwid=1627683811193352275&vi=1627683811193352275&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=HE&vgd_l1rakh=1627683811129238602&vgd_l1rhst=contextual.media.net&vgd_lhl=888&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1627683811463&upk=1627683811.28952&hvsid=00001627683811463015095070728252&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&pid=8PO2ID1SJ&katen=1&pc=27&vgd_pgid=p1108708521t202107302223&matm=1627683812207&vgd_ltime=779&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=807056986&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D27&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721406&vgd_nrrsf=nrr&vgd_nrrv=63092&vgd_nrrs=63092&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-830781605%7CDIV&vgd_x_pos=1050&vgd_y_pos=2133&vgd_ren_page_h=4641&vgd_cty=FRANKFURT&vgd_l1hcsd=N16%7C5022&vgd_sethcsd=N4%7C4962&vgd_cfud=200218&vgd_is_amp=0&vgd_icat=225&vgd_spcat=500263&vgd_optout=0&vgd_ect=4g&vgd_rensize=280_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&requrl=https%3A%2F%2Fwww.viraldestination.com&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1627683811193352275%26esi%3D1%26size%3D160x600%26crid%3D830781605%26vpf%3D000%26cid%3D8CU2J87N4%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DCBEiW6cZUU6wOmI9UX3sgw%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8PO2ID1SJ%26requrl%3Dhttps%253a%252f%252fwww.viraldestination.com%26%26katid%3D807056986%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A280%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A6&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63092.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 30 Jul 2021 22:23:32 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 30 Jul 2021 22:23:32 GMT
log
navvy.media.net/ Frame C9AE 		35 B
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV63092.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.149.102.34.bc.googleusercontent.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
via
1.1 google
server
Jetty(9.4.7.v20170914)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
alt-svc
clear
content-length
35
expires
Fri, 30 Jul 2021 22:23:32 GMT
i-noref.js
cm.mgid.com/ Frame 99F9 		19 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=16276838122501064165
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
9c6a030b-d579-4a8c-a444-77e83aaa90b7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf29e7432ad-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-53.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:07:09 GMT
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
984
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
9fS2zK0QGhF_pTKuj_AQ7ro_K-N0pW11tpO-8Yw2N1l6pRKONgbE4w==
usync.html
eus.rubiconproject.com/ Frame 9986
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1627683812233196337835
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.viraldestination.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.viraldestination.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jul 2021 22:23:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Fri, 30 Jul 2021 22:23:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=5c8a31e1-81b5-52d4-8057-dffbe153a41f&ssp=mgid&expires=30&user_group=1
  • https://cm.mgid.com/m?cdsp=433145&c=5d781f9c-76b6-40c9-86cb-4f614af3e55f&gdpr=&gdpr_consent=&us_privacy=
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=5d781f9c-76b6-40c9-86cb-4f614af3e55f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
fcb62038-68e1-4489-a493-d8c7ff4938aa
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf43e04cd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=5d781f9c-76b6-40c9-86cb-4f614af3e55f&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 30 Jul 2021 22:23:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/ 		0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l6uvVAYePonf
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6771fdf348f0cd83-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l6uvVAYePonf
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 30 Jul 2021 22:23:32 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
cm.lentainform.com/setmuidn/ 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l6uvVAYePonf
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6771fdf34e130883-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDZ1dlZBWWVQb25m&muidn=l6uvVAYePonf
  • https://cm.mgid.com/google?muidn=l6uvVAYePonf&google_ula={guid},5&google_gid=CAESEDZMgDdO3e8GWW6xlpAx-0I&google_cver=1
0
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l6uvVAYePonf&google_ula={guid},5&google_gid=CAESEDZMgDdO3e8GWW6xlpAx-0I&google_cver=1
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf34d6dcd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l6uvVAYePonf&google_ula={guid},5&google_gid=CAESEDZMgDdO3e8GWW6xlpAx-0I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=e4367f90-44de-4156-b75f-2cebf9dde7e1&ttl=1630275812
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=e4367f90-44de-4156-b75f-2cebf9dde7e1&ttl=1630275812
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
94e0dbce-7d64-4260-852e-f96dfc00061d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf42dfccd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=e4367f90-44de-4156-b75f-2cebf9dde7e1&ttl=1630275812
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
52164
i6.liadm.com/s/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l6uvVAYePonf
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l6uvVAYePonf
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f&_li_chk=true&previous_uuid=c31490a205204fa78c453fa2e0546795
  • https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4602:4614:a08b:388f:2234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 22:23:33 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
4a974b735a2516e9
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5d781f9c-76b6-40c9-86cb-4f614af3e55f
Date
Fri, 30 Jul 2021 22:23:32 GMT
Connection
keep-alive
trace-id
2187b66ed2bd1766
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=AYqqquoaRW4vlmeHZGin&pi=mgid&tc=1
43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=AYqqquoaRW4vlmeHZGin&pi=mgid&tc=1
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
22e857c5-634f-4f5c-91eb-2af114d725bf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf36d81cd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=AYqqquoaRW4vlmeHZGin&pi=mgid&tc=1
pragma
no-cache
date
Fri, 30 Jul 2021 22:23:32 GMT, Fri, 30 Jul 2021 22:23:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=00311d0c-0e7a-4d85-b429-48e5881d47c4
43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=00311d0c-0e7a-4d85-b429-48e5881d47c4
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:33 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
bb5c13d5-dbf2-4075-a5de-5b840fcb3ecc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdf75802cd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=00311d0c-0e7a-4d85-b429-48e5881d47c4
date
Fri, 30 Jul 2021 22:23:32 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1627683812367&ns_c=UTF-8&cv=3.5&c8=ViralDestination&c7=https%3A%2F%2Fwww.viraldestination.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627683812367&ns_c=UTF-8&cv=3.5&c8=ViralDestination&c7=https%3A%2F%2Fwww.viraldestination.com%2F&c9=
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627683812367&ns_c=UTF-8&cv=3.5&c8=ViralDestination&c7=https%3A%2F%2Fwww.viraldestination.com%2F&c9=
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-53.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:32 GMT
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
2uiH0dVp1QkDiM_JgQvrwmbaQFGjrPTHXCp7riIQ-6hTee8yiOFp9g==

Redirect headers

date
Fri, 30 Jul 2021 22:23:32 GMT
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627683812367&ns_c=UTF-8&cv=3.5&c8=ViralDestination&c7=https%3A%2F%2Fwww.viraldestination.com%2F&c9=
content-length
188
x-amz-cf-id
plSYd3HTAs3MBEm3chX4n3ynicd1EvFJTWzhEmmwNUixj_95ZguhbQ==
usync.js
eus.rubiconproject.com/ Frame 9986 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4cd63020277f7040bd0a8cb6ffe164e8a3836002e897dafcd0e1572ae1f7661

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 22:23:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77102
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9359
Expires
Sat, 31 Jul 2021 19:48:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame 9986 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210728&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49f71ad5e5941a63f27278e6c9c40103e30724da089d5e93a6e7e87dbee13b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Jul 2021 22:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8563
x-xss-protection
0
viraldestination
www.viraldestination.com/feeds/posts/default/-/ 		101 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.viraldestination.com/feeds/posts/default/-/viraldestination?alt=json&redirect=false&start-index=1&max-results=10
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
024b72f22365ba76e377655c47bf20484e9e2c773616719656f4af6e6e1393ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/default/-/viraldestination?alt=json&redirect=false&start-index=1&max-results=10
pragma
no-cache
cookie
__gads=ID=43ffd055a32562af-2237821f7ec90093:T=1627683811:RT=1627683811:S=ALNI_Ma0nIJyiNTWx1V3UMpV9mrX_VkY5g; session_depth=www.viraldestination.com%3D1%7C830781605%3D1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1118687%22%3A%7B%22page%22%3A1%2C%22time%22%3A1627683812174%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.viraldestination.com
referer
https://www.viraldestination.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:12:19 GMT
server
blogger-renderd
etag
W/"fd5e9d72da160f5eb86b355be59953e3e5108e71fd22779bd602b7576f4b04aa"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
25018
x-xss-protection
0
expires
Fri, 30 Jul 2021 22:23:34 GMT
viraldestination
www.viraldestination.com/feeds/posts/default/-/ 		55 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.viraldestination.com/feeds/posts/default/-/viraldestination?alt=json&redirect=false&start-index=1&max-results=5
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
9b51f595bd92b65d5fefdcdc321c139cdfa85c0683afca58aa4ad3b500b63a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/default/-/viraldestination?alt=json&redirect=false&start-index=1&max-results=5
pragma
no-cache
cookie
__gads=ID=43ffd055a32562af-2237821f7ec90093:T=1627683811:RT=1627683811:S=ALNI_Ma0nIJyiNTWx1V3UMpV9mrX_VkY5g; session_depth=www.viraldestination.com%3D1%7C830781605%3D1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1118687%22%3A%7B%22page%22%3A1%2C%22time%22%3A1627683812174%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.viraldestination.com
referer
https://www.viraldestination.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:12:19 GMT
server
blogger-renderd
etag
W/"9318fd4e2cea64b0ca3b4ba2294500b16228d84a44df4ff75cdf1dfec318db9b"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
14781
x-xss-protection
0
expires
Fri, 30 Jul 2021 22:23:34 GMT
Bodybuilding
www.viraldestination.com/feeds/posts/default/-/ 		95 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.viraldestination.com/feeds/posts/default/-/Bodybuilding?alt=json&redirect=false&start-index=1&max-results=12
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
142e8800a5277e5483caf0a1d451db8affbd5e48e38d3facf4a75be00412a34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/default/-/Bodybuilding?alt=json&redirect=false&start-index=1&max-results=12
pragma
no-cache
cookie
__gads=ID=43ffd055a32562af-2237821f7ec90093:T=1627683811:RT=1627683811:S=ALNI_Ma0nIJyiNTWx1V3UMpV9mrX_VkY5g; session_depth=www.viraldestination.com%3D1%7C830781605%3D1; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1118687%22%3A%7B%22page%22%3A1%2C%22time%22%3A1627683812174%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.viraldestination.com
referer
https://www.viraldestination.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:12:19 GMT
server
blogger-renderd
etag
W/"e51288ae864b7c6400f1fb729fb5395f7e8ace6187d1133802469604a0ffa878"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
23113
x-xss-protection
0
expires
Fri, 30 Jul 2021 22:23:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4484246600752286&plah=www.viraldestination.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 30 Jul 2021 22:23:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3059 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.viraldestination.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.viraldestination.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 30 Jul 2021 20:10:30 GMT
expires
Sat, 30 Jul 2022 20:10:30 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7680 		783 B
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a0b9df4697d5e9dbd3cfe956ab26d0ae705aaf6c8206d6c16a55b4e3eb374490
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h7kv88BznLiRn01Ktr+2gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.viraldestination.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.viraldestination.com/

Response headers

expires
Fri, 30 Jul 2021 22:23:33 GMT
date
Fri, 30 Jul 2021 22:23:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-h7kv88BznLiRn01Ktr+2gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 3059 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 11:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
123819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Jul 2022 11:59:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210728&jk=636373130508539&bg=!dXaldjLNAAals0SOpbM7ACkAdvg8WuO5oiSFLMX442oTzPhHxR9-mjnuhwncsCkbw72budp9JJRmYQIAAABPUgAAAAtoAQcKAEojla-6Kjo5rV053vhY4_lq5DQWTQnpYfMUsZaoqBa682OIxxhQWIJVD7iRR23mp_qBnzY7Dbr6vl8foYJ_ucCS3HczS5cA0oWcr5kCjw_Z4QOIuu_lV7HkZhDDKxsvSXzTuaCwaOmQHdo-vYIDxswC9TznS-6z5tsgcRHhXg7PluaICYMrI-MdIXyWBGdE-tffcIdzQphKOSAlvb_kHB6vMCGeXizYHMWcrMBueF7Ztq38Lbo9C5nzx_V8CMaVAoHSUSSVFAa72ss9g4PIIyKH04JPuLk_h4mgBDrKEQIAeL4fG_SxSGomtSco3YEoH4QKdvqdAS3VWlCndChMXhZIkSTgFvheAk7yRLvYrvZBmE1biBeqbi2UN5aVlUi9O2MXhgXuYKczGPt3VQa2StZv30q9Ej85YxRaCpp2b-A9iuUbRmNUEjxCsWEpAieH3zZWeEC4Bvl84jRlDwwF6oGy_PBxVdOLMW5yFa--KNMkYsHvFpZoPOz9vSQaFG2ftGrV61gqNb0XCe7MtmjL0JijWiPJ2oWU8X9s07NccypMlTUPU0BndfHX_ajjUzfcr2kpVN3GT2LltMRUcLqaAJ1fG771plqBcSG98aaPhBVIeybQF2DQmDkJcKza99KNfM5mmOLe3nia9l1Q07urYKZaHz4ngFaAKFlu6xOZfVHP2UlC0xGW0aH8e1A2o9vDqwuo0OqRpcS1-rZ-VlsWzDBJ0BdU1oL7I1RT9wIj0eZP37iRPC_2kHC5NzXZtiDiyy_EwiJhMqC6JrFjb6xBIER7GNNuQHqzNwV25j1bbi9n0Q0OKbYhvMXtT9-R86f1upILsF9_oPqussvynxA-KmUWFH2vKJYYCbfMkxjddoG8YXJZEcKdH-mNWZMJ9VXiicVCB6vqrn4m0EEolE8gErijT2gyfI8ytuPh8_11zqHtr_QE8EU5CMutaNUQITs6jhUU5Nhvc51i6BQZHUI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		806 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e25b441dc80580f0fa1cfc502bf97fdd2189b474c8f0c58c56257b013f927b3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
foods-boost-testosterone-680x350.jpg
lh3.googleusercontent.com/-xHCsQadlO5c/YPQudnDJHoI/AAAAAAAAEjg/U3xbUlLJ5o08dMHHR7KLIw4PM6yzHHQhwCNcBGAsYHQ/w640-h330/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-xHCsQadlO5c/YPQudnDJHoI/AAAAAAAAEjg/U3xbUlLJ5o08dMHHR7KLIw4PM6yzHHQhwCNcBGAsYHQ/w640-h330/foods-boost-testosterone-680x350.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
13fb29157712975644ca81830022c84dad1da1f3659d4c76088eee22aef9bd4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:25 GMT
x-content-type-options
nosniff
age
2888
content-disposition
inline;filename="foods-boost-testosterone-680x350.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51215
x-xss-protection
0
server
fife
etag
"v1239"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Jul 2021 00:17:04 GMT
how-to-add-hiit.jpg
lh3.googleusercontent.com/-1Yhav0bTEFU/YPLdpixSBnI/AAAAAAAAEjU/IwJI4Wu4uMMeHWnmfufOWWUcucnAa_m_wCNcBGAsYHQ/w640-h339/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-1Yhav0bTEFU/YPLdpixSBnI/AAAAAAAAEjU/IwJI4Wu4uMMeHWnmfufOWWUcucnAa_m_wCNcBGAsYHQ/w640-h339/how-to-add-hiit.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ac42e9ccc3d491c191055a23127c634df62b41990d0c5ccc73e4aa18dc3bf5ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:25 GMT
x-content-type-options
nosniff
age
2888
content-disposition
inline;filename="how-to-add-hiit.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72466
x-xss-protection
0
server
fife
etag
"v1236"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 18 Jul 2021 19:27:47 GMT
push-pull-legs-routine.jpg
lh3.googleusercontent.com/-NsyyCx2MGdU/YPGDpMmsQtI/AAAAAAAAEi8/4VZPts4aMtsWUe2TGfhGxIaY2YHlwpc0wCNcBGAsYHQ/w640-h360/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-NsyyCx2MGdU/YPGDpMmsQtI/AAAAAAAAEi8/4VZPts4aMtsWUe2TGfhGxIaY2YHlwpc0wCNcBGAsYHQ/w640-h360/push-pull-legs-routine.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a1fefd9349434cae1fea8dd3ad4bf86486dcf8e9f9c040c38ce86be81b235e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="push-pull-legs-routine.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64137
x-xss-protection
0
server
fife
etag
"v1230"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 17 Jul 2021 16:24:49 GMT
paused-shrugs-for-bigger-traps.jpg
lh3.googleusercontent.com/-SsKnUJ2IaJg/YPBROoM8PsI/AAAAAAAAEi0/LWLs2wj4Nugl5bCOTvZgjZktTV-m0butwCNcBGAsYHQ/w640-h351/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-SsKnUJ2IaJg/YPBROoM8PsI/AAAAAAAAEi0/LWLs2wj4Nugl5bCOTvZgjZktTV-m0butwCNcBGAsYHQ/w640-h351/paused-shrugs-for-bigger-traps.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
89df4a7d0a8745da51a9ffb5ef53d29fac8d8ef7b823610ee67f7513f205aa14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="paused-shrugs-for-bigger-traps.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61944
x-xss-protection
0
server
fife
etag
"v122e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:02 GMT
dumbbell-shrug-anatomy.jpg
www.fitnessandpower.com/wp-content/uploads/2018/07/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/07/dumbbell-shrug-anatomy.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5ad10ae9ae6ea7ffae77a26dc3142d1b977497458846a31cf3f05503e5ba80

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1632031
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
33101
last-modified
Tue, 31 Jul 2018 09:09:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPC4Inso39EL%2BsLMBhCQWpTDSb6VdjEjsOeJuwHUP64EFS%2FdqEw%2FqTs%2BlSu4B17r9VV4Xii2jtGv1K80yhVu9HWo5T9gIdANXjq3d4xTaRHGl6SHBjoolzKBb94ROSP2IxMLfZenMwUfasXZiR9ygFQDTkzmYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfa5eb10ebb-FRA
expires
Tue, 12 Jul 2022 01:03:02 GMT
enter-ketosis.jpg
lh3.googleusercontent.com/-5g2hL8-WYkc/YO8AcFaFUmI/AAAAAAAAEis/03HMnK1ddUAtax4uacn4NDooVVPLRgCdQCNcBGAsYHQ/w640-h307/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-5g2hL8-WYkc/YO8AcFaFUmI/AAAAAAAAEis/03HMnK1ddUAtax4uacn4NDooVVPLRgCdQCNcBGAsYHQ/w640-h307/enter-ketosis.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98757f8d6eb6e75baa3498bc4886a041509f322f702410ac415e3b1bed3979b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="enter-ketosis.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62023
x-xss-protection
0
server
fife
etag
"v122c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:05:53 GMT
muscle-building-hacks.jpg
lh3.googleusercontent.com/-YsHVb9SCsSo/YO2Sxpb0v7I/AAAAAAAAEik/idi3jBv7uRobF-J19yM5cTXxPnuq6QtdwCNcBGAsYHQ/w640-h394/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-YsHVb9SCsSo/YO2Sxpb0v7I/AAAAAAAAEik/idi3jBv7uRobF-J19yM5cTXxPnuq6QtdwCNcBGAsYHQ/w640-h394/muscle-building-hacks.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9782a64814f2bcc92b04b7325fe535e09168a186c5998b768a64d6bf3bea15eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="muscle-building-hacks.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68548
x-xss-protection
0
server
fife
etag
"v122a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:03:11 GMT
strength-matters2.jpg
lh3.googleusercontent.com/-wLKmjiB630Y/YOxFHGYMDcI/AAAAAAAAEiQ/96wcVgkc1Lsq3N6t31j4qMAT938JGoWegCNcBGAsYHQ/w640-h355/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-wLKmjiB630Y/YOxFHGYMDcI/AAAAAAAAEiQ/96wcVgkc1Lsq3N6t31j4qMAT938JGoWegCNcBGAsYHQ/w640-h355/strength-matters2.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
18145142f406ec899eda5ff5adaa652ef80597499f4e50f632e4eb99c693e3e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="strength-matters2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82424
x-xss-protection
0
server
fife
etag
"v1225"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:03 GMT
how-much-protein-losing-fat.jpg
lh3.googleusercontent.com/-PSMkkNQMG18/YOrx_0LEmTI/AAAAAAAAEhs/6OauKoxRyWEUCwjR2TbCUIA97M9uj_1UwCNcBGAsYHQ/w640-h364/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-PSMkkNQMG18/YOrx_0LEmTI/AAAAAAAAEhs/6OauKoxRyWEUCwjR2TbCUIA97M9uj_1UwCNcBGAsYHQ/w640-h364/how-much-protein-losing-fat.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
257097180a61d64f0ef8ca75e385c733b84c8c615db66f0ab10df0fcb3538bc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="how-much-protein-losing-fat.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88611
x-xss-protection
0
server
fife
etag
"v121c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:03 GMT
arnold-hypertrophy-program.jpg
lh3.googleusercontent.com/-02YGNUnwPx4/YOmc6ZgAHsI/AAAAAAAAEhU/6jqDWntveogAuFMxKAlMIodlcf7SqEYkQCNcBGAsYHQ/w640-h356/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-02YGNUnwPx4/YOmc6ZgAHsI/AAAAAAAAEhU/6jqDWntveogAuFMxKAlMIodlcf7SqEYkQCNcBGAsYHQ/w640-h356/arnold-hypertrophy-program.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
30435c61dd308f618b14ff013429c92ab4f2ee861dc34a4569edfd8658e9a08e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="arnold-hypertrophy-program.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74846
x-xss-protection
0
server
fife
etag
"v1216"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:03 GMT
egg-myths.jpg
lh3.googleusercontent.com/-mPplFyKbxs0/YOhnJZhFm4I/AAAAAAAAEhI/IfJ3mHfAdCAy0K_o_vhM4yWvCNF_ddR7gCNcBGAsYHQ/w640-h339/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-mPplFyKbxs0/YOhnJZhFm4I/AAAAAAAAEhI/IfJ3mHfAdCAy0K_o_vhM4yWvCNF_ddR7gCNcBGAsYHQ/w640-h339/egg-myths.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b23c17d8110ade18e1eb67d99504fa9091ffda49c2a3c739a48131b5ca5b9f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="egg-myths.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60302
x-xss-protection
0
server
fife
etag
"v1213"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:03 GMT
c
c.mgid.com/ 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=264|239|8|UKm57zoOvpYgE9CKx8EAgnJNW9ayGy7zZEokCdeDL0Tlbc6D4impoU_yl1WWapBM&fw=1&extjs=66044&v=264|239|8|UKm57zoOvpYgE9CKx8EAgom7ROWMfZr6_O5sRL-RfPQub6WtxwD5elsQN0rI7Q_7&v=264|239|8|UKm57zoOvpYgE9CKx8EAgnyVa3Js0Lr6R_JXvaX1tv2EeK813fn4WLrLW8JFPliv&cid=1118687&h2=T3PpgQ7NTzV6aU5o5Gj-0mtkAAhxl_fYPtbQq8K1hEA*&rid=c5c70bfe-f184-11eb-865f-d094662c24f7&tt=Direct&iv=11&pageImp=1&pvid=17af983f1c1bae61acc&cbuster=1627683813610755908983&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:33 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
4f1328c2-c8a4-46e1-ab15-c538e98d8173
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdfb1aa1cd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
c
c.mgid.com/ 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=3&v=264|239|8|UKm57zoOvpYgE9CKx8EAggyTLjJM0opF7GHR6N70-LRRLwW_SaR-siCnO_9mV-SF&extjs=66044&cid=1118687&h2=T3PpgQ7NTzV6aU5o5Gj-0mtkAAhxl_fYPtbQq8K1hEA*&rid=c5c70bfe-f184-11eb-865f-d094662c24f7&tt=Direct&iv=11&pageImp=0&pvid=17af983f1c1bae61acc&cbuster=1627683813712203977179&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jul 2021 22:23:33 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
d799106a-9991-46c9-8536-828de7a28376
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
6771fdfbbb4acd8b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
foods-boost-testosterone-680x350.jpg
lh3.googleusercontent.com/-xHCsQadlO5c/YPQudnDJHoI/AAAAAAAAEjg/U3xbUlLJ5o08dMHHR7KLIw4PM6yzHHQhwCNcBGAsYHQ/w640-h330/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-xHCsQadlO5c/YPQudnDJHoI/AAAAAAAAEjg/U3xbUlLJ5o08dMHHR7KLIw4PM6yzHHQhwCNcBGAsYHQ/w640-h330/foods-boost-testosterone-680x350.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
13fb29157712975644ca81830022c84dad1da1f3659d4c76088eee22aef9bd4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:25 GMT
x-content-type-options
nosniff
age
2888
content-disposition
inline;filename="foods-boost-testosterone-680x350.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51215
x-xss-protection
0
server
fife
etag
"v1239"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Jul 2021 00:17:04 GMT
how-to-add-hiit.jpg
lh3.googleusercontent.com/-1Yhav0bTEFU/YPLdpixSBnI/AAAAAAAAEjU/IwJI4Wu4uMMeHWnmfufOWWUcucnAa_m_wCNcBGAsYHQ/w640-h339/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-1Yhav0bTEFU/YPLdpixSBnI/AAAAAAAAEjU/IwJI4Wu4uMMeHWnmfufOWWUcucnAa_m_wCNcBGAsYHQ/w640-h339/how-to-add-hiit.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ac42e9ccc3d491c191055a23127c634df62b41990d0c5ccc73e4aa18dc3bf5ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:25 GMT
x-content-type-options
nosniff
age
2888
content-disposition
inline;filename="how-to-add-hiit.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72466
x-xss-protection
0
server
fife
etag
"v1236"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 18 Jul 2021 19:27:47 GMT
push-pull-legs-routine.jpg
lh3.googleusercontent.com/-NsyyCx2MGdU/YPGDpMmsQtI/AAAAAAAAEi8/4VZPts4aMtsWUe2TGfhGxIaY2YHlwpc0wCNcBGAsYHQ/w640-h360/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-NsyyCx2MGdU/YPGDpMmsQtI/AAAAAAAAEi8/4VZPts4aMtsWUe2TGfhGxIaY2YHlwpc0wCNcBGAsYHQ/w640-h360/push-pull-legs-routine.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a1fefd9349434cae1fea8dd3ad4bf86486dcf8e9f9c040c38ce86be81b235e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="push-pull-legs-routine.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64137
x-xss-protection
0
server
fife
etag
"v1230"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 17 Jul 2021 16:24:49 GMT
paused-shrugs-for-bigger-traps.jpg
lh3.googleusercontent.com/-SsKnUJ2IaJg/YPBROoM8PsI/AAAAAAAAEi0/LWLs2wj4Nugl5bCOTvZgjZktTV-m0butwCNcBGAsYHQ/w640-h351/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-SsKnUJ2IaJg/YPBROoM8PsI/AAAAAAAAEi0/LWLs2wj4Nugl5bCOTvZgjZktTV-m0butwCNcBGAsYHQ/w640-h351/paused-shrugs-for-bigger-traps.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
89df4a7d0a8745da51a9ffb5ef53d29fac8d8ef7b823610ee67f7513f205aa14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="paused-shrugs-for-bigger-traps.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61944
x-xss-protection
0
server
fife
etag
"v122e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:02 GMT
enter-ketosis.jpg
lh3.googleusercontent.com/-5g2hL8-WYkc/YO8AcFaFUmI/AAAAAAAAEis/03HMnK1ddUAtax4uacn4NDooVVPLRgCdQCNcBGAsYHQ/w640-h307/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-5g2hL8-WYkc/YO8AcFaFUmI/AAAAAAAAEis/03HMnK1ddUAtax4uacn4NDooVVPLRgCdQCNcBGAsYHQ/w640-h307/enter-ketosis.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98757f8d6eb6e75baa3498bc4886a041509f322f702410ac415e3b1bed3979b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2887
content-disposition
inline;filename="enter-ketosis.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62023
x-xss-protection
0
server
fife
etag
"v122c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:05:53 GMT
dumbbell-shrug-anatomy.jpg
www.fitnessandpower.com/wp-content/uploads/2018/07/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/07/dumbbell-shrug-anatomy.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5ad10ae9ae6ea7ffae77a26dc3142d1b977497458846a31cf3f05503e5ba80

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1632031
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
33101
last-modified
Tue, 31 Jul 2018 09:09:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV5qJiEFdvcyTkMD%2BY%2B6WtX4ro2JVw831U5%2FHVlBhqVQVZW20QIAYW8kpxnDwERJWFSIlr%2FWGxGHfjaaPyL2mPBu3l%2FK5tkciuFAVxie5dJKUGCxcdnTbahXUOAPc%2FGyff2TjGAC9lSEWTSMicO%2Fj%2B%2Bhz7gFyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfca9254e5c-FRA
expires
Tue, 12 Jul 2022 01:03:02 GMT
muscle-building-hacks.jpg
lh3.googleusercontent.com/-YsHVb9SCsSo/YO2Sxpb0v7I/AAAAAAAAEik/idi3jBv7uRobF-J19yM5cTXxPnuq6QtdwCNcBGAsYHQ/w640-h394/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-YsHVb9SCsSo/YO2Sxpb0v7I/AAAAAAAAEik/idi3jBv7uRobF-J19yM5cTXxPnuq6QtdwCNcBGAsYHQ/w640-h394/muscle-building-hacks.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9782a64814f2bcc92b04b7325fe535e09168a186c5998b768a64d6bf3bea15eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2888
content-disposition
inline;filename="muscle-building-hacks.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68548
x-xss-protection
0
server
fife
etag
"v122a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:03:11 GMT
egg-myths.jpg
lh3.googleusercontent.com/-mPplFyKbxs0/YOhnJZhFm4I/AAAAAAAAEhI/IfJ3mHfAdCAy0K_o_vhM4yWvCNF_ddR7gCNcBGAsYHQ/w640-h339/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-mPplFyKbxs0/YOhnJZhFm4I/AAAAAAAAEhI/IfJ3mHfAdCAy0K_o_vhM4yWvCNF_ddR7gCNcBGAsYHQ/w640-h339/egg-myths.jpg
Requested by
Host: www.viraldestination.com
URL: https://www.viraldestination.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b23c17d8110ade18e1eb67d99504fa9091ffda49c2a3c739a48131b5ca5b9f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 21:35:26 GMT
x-content-type-options
nosniff
age
2888
content-disposition
inline;filename="egg-myths.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60302
x-xss-protection
0
server
fife
etag
"v1213"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 29 Jul 2021 11:49:03 GMT
polish-viking.jpg
1.bp.blogspot.com/--GM-xYI_i2U/YN3cF7X337I/AAAAAAAAEfQ/PmeuC7X7PwcdcGRG-wMMTvCkOcScMXEvQCNcBGAsYHQ/w640-h340/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/--GM-xYI_i2U/YN3cF7X337I/AAAAAAAAEfQ/PmeuC7X7PwcdcGRG-wMMTvCkOcScMXEvQCNcBGAsYHQ/w640-h340/polish-viking.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
417d5e412c3d01cd3f8e40e6c90304ea9ff20892a22902bbe7ae541836a187b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="polish-viking.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90322
x-xss-protection
0
server
fife
etag
"v11f5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 23:07:17 GMT
polish-viking2.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/polish-viking2.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8d65d87373ee37c6d1df007801e954deac29a7dd68d2e2e03d41370e1d773c

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7787
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
54693
last-modified
Wed, 22 Aug 2018 17:39:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jEr6KVVF%2Bmvcclx%2FldGozV9Psaum0NYreUQQ33Z1Oi1NMb2IzSPX5APmb0sc3tMXXYM0p6gcnbtuUrNQzukzFm4B1H95Yg9wNfpvgD7Dh%2FmK%2FZ9PY%2FPwORusSvHWOLEU0f%2FAVjDDyZm5pBlW3t4tQrrgTa6Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddaa44e5c-FRA
expires
Sat, 30 Jul 2022 20:13:47 GMT
polish-viking1.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/polish-viking1.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6295b2d71a5b5796b22cfcc3787565ec9867461b65e9d0e5f236ba8bd66caa

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
72553
last-modified
Wed, 22 Aug 2018 17:39:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fCO3gWOUlbUhVYFdffEOhpP9KTScYajS87m53hi6EzoRY85ZQEl987mwDnLro1KmgboZyRaShI69PLGQi62CMKpRjrIeO1NDnIciLdmsHpbvQa1%2FSChz7X7BMS00Nik250ExZ5hpxww5MtmB32CJ22F%2BHktjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddaa64e5c-FRA
expires
Sat, 30 Jul 2022 21:26:32 GMT
celebrities-fit-after-40.jpg
lh3.googleusercontent.com/-HaFVeK1P0gU/YNxxwVjy4dI/AAAAAAAAEes/qq5KtGGa_MIGIJsl2BVGQ6OBveBwhb1rwCNcBGAsYHQ/w640-h360/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-HaFVeK1P0gU/YNxxwVjy4dI/AAAAAAAAEes/qq5KtGGa_MIGIJsl2BVGQ6OBveBwhb1rwCNcBGAsYHQ/w640-h360/celebrities-fit-after-40.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
23f2bf6d512c24ca89bb06b052a768f6df1f8c8b0cc17676c6bca52d17968840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="celebrities-fit-after-40.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61848
x-xss-protection
0
server
fife
etag
"v11ec"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 23:07:18 GMT
tim-mcgraw-fitness.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/tim-mcgraw-fitness.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72b1af28ff7ee1c6591cca77279611c08b1d25c5e9b40be425bdd10d861cc2b

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
64192
last-modified
Fri, 24 Aug 2018 15:31:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlWoRw9OmYszD%2BfsY3Sis1UHbEoMJcMPAnqCwetKumF5pJhowUO8BtSc4yCMCfAkJInlv2mo8SNsNbAu%2FD1wCsvbkPHj09TnGLux2Ga5DbPHEQIecqnWNZP7qCZq0P9OZ%2F5nm2B1SUIFOfR2I24Gnmrm4H9vEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddaab4e5c-FRA
expires
Sat, 30 Jul 2022 21:26:32 GMT
will-smith-fit.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/will-smith-fit.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a81ff9635429af51db947615bad992122736eced1af308a050ef54af50465c60

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60255
last-modified
Fri, 24 Aug 2018 15:38:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKQKZR4J3ZQtPhnJjxw%2BFQlckbf9%2BJTidnDNShZjXJOeSCpd%2F9X7ORdMDTVHjb44JZfDHRCiQEudUW8tzRu29w0EMWQl27qnhWWOSdXoaMmJnIA4B0ygVeTPGgaT3L%2FsBfM9jURA37ZsjT2p6%2FjEBS9rG%2BdEsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddaad4e5c-FRA
expires
Sat, 30 Jul 2022 21:26:32 GMT
Mark-Wahlberg-muscles.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/Mark-Wahlberg-muscles.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f601707e66b789d082f4e7e48486345d546a271e0a06e1ec6b9b6c049bcf0daf

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
61537
last-modified
Fri, 24 Aug 2018 15:46:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7xUyLyPzJq2WSXhNHQrb4ADeAFBN%2FiKXdUt%2BRHM4yY8fILTSO3k6r8iWm9pBQqNKDIoxFsJAkYU6nzQ9YJ5G9hafRGNz6fNumtQyrG%2BHiQdOfa%2F0hk3ugDx%2BppeBATger0l1fotd9n2z53RhGiBmvSLfwagwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddab04e5c-FRA
expires
Sat, 30 Jul 2022 21:26:32 GMT
the-rock-gym-work-out.jpg
www.fitnessandpower.com/wp-content/uploads/2016/03/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2016/03/the-rock-gym-work-out.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6bf2664face63f8534c1c46ea72fb4c964d5c8180fac06c96911241854ccb9

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3421
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
65189
last-modified
Fri, 02 Sep 2016 10:25:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsTif08Asu5Cw5uPDRkzTJeQ%2FQ3wN6b2ipR9sb0m%2FGLdMpHAxxcxc6y%2FM6rybvA8psHj88guAuMJCsS9l4NoNpsEGCnarVPHIlXUIr%2F0RGsyi4Ewo4kxdoqAGIMuFEmBrtDbOXBWUkdNcgQiZQArVXIPJl0KEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddab24e5c-FRA
expires
Sat, 30 Jul 2022 21:26:33 GMT
Jason-Statham-muscles.jpg
www.fitnessandpower.com/wp-content/uploads/2016/10/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2016/10/Jason-Statham-muscles.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e67adbb0a04845fc1b0791ce94b704a222bed09e275b3fe192fc2bc46eb96a

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6183048
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
56761
last-modified
Mon, 10 Oct 2016 20:42:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrvYGLDwwGowO6n1fzQniao4Iomk%2BFMw%2BwmwPGW66WN1%2FV3FcHCywNpRo%2BiqrdbW2UXJHqKy1U4Si0P6xIa6GIzspHv9TVwl7vc%2F%2FtACnH3%2F8qjJ8ZZ5f%2BJBw36Scz51baDPZw8DTtxdlm4bdR26WY2gDOoCvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddab64e5c-FRA
expires
Fri, 20 May 2022 08:52:45 GMT
arnold-schwarzenegger-70-years-old-workout.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/arnold-schwarzenegger-70-years-old-workout.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bbb362075026f699075053000e2ea0c525c23fd2cdee3b95b0e36ab015613e

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
83775
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
78466
last-modified
Fri, 24 Aug 2018 16:28:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ocxabi40OWCbxVeCcJrUgj%2BSkr8COXgqgYV9VB8Yo5UouomODekEyKkQSUGfNcj9mR%2BKbQ8zqkRGVw4oQQmHReJNe5mcYOrX4%2Fh3WSZF%2FX5g9TPks9YGILvL28tciqN1G7Bu3ShKu3D%2BzrBhP4Tc7BzXAg1E6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddab94e5c-FRA
expires
Fri, 29 Jul 2022 23:07:19 GMT
terry-crews-muscles-at-50.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/terry-crews-muscles-at-50.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89d8e3c774fbed30ed358febf372c2d3db8e1b2fe9bd121dc9988667b67d5f7

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3421
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
50770
last-modified
Fri, 24 Aug 2018 16:40:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUCMcGEybFbNws7yibsLJLVpBp%2FwDNASZS4xwDltj5Xhwc6XKUWrGo4E6dokkuA8%2Bv9%2F%2Fs3fP1gR63e8h7E8SOtu12l4KhA4qfi61Rh%2F6kCkEBM6bohloj5QGyNBroNXzhVjloVT4GvLvGrNY0M8FnOROq%2BOTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddaba4e5c-FRA
expires
Sat, 30 Jul 2022 21:26:33 GMT
dolph-lundgren.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/dolph-lundgren.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76ade001a0436f4b9ffdfcfe4c086bd8eb9b5cbfd20c4430d002054b70f6033

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3421
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58990
last-modified
Fri, 24 Aug 2018 16:49:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqp9x2BJpfvSHGlJVHjuBKqfkODI%2FgjLOTgeTeElSgZHK%2BYYCxqmSpksJMCDyJUry2Nx3Y%2FILBgle4b%2FouDuOyY8l2bIyM6YpBavvqQ%2FgYD5orLD3fH29MJoNwftny7pb%2FQ9MY62nIXgxEbauJ1iLfx6woZ7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddabe4e5c-FRA
expires
Sat, 30 Jul 2022 21:26:33 GMT
hugh-jackman-diet.jpg
www.fitnessandpower.com/wp-content/uploads/2018/08/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/08/hugh-jackman-diet.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceed422dfec2d00cb288a0c3b3a6533f373d8b5dc1f39f9c032a157d28f7d83b

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3979753
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
64638
last-modified
Tue, 14 Aug 2018 14:17:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipTTOIVb7rDR20NAtR4DFS95EEm1xfmqOXDDU8Nx4CoDqAeZfvDEuV%2FvDvu8h8FEIRJYKJ%2BwxDYUoSKzclhX2yLBBsAPM4Y30F8wWh0exkEhA8jRtH65EqeMkgROd8zQ0d2SASzUuNx2RixNu2uP9EqxTIT1Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddac04e5c-FRA
expires
Tue, 14 Jun 2022 20:54:21 GMT
bodybuilding-routine-not-working.jpg
lh3.googleusercontent.com/-zMZKzSg1-88/YNh4LNfvhzI/AAAAAAAAEdw/-6xJrcrS00ktxfSPsA3rzb5SJQso1bj5QCNcBGAsYHQ/w640-h339/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-zMZKzSg1-88/YNh4LNfvhzI/AAAAAAAAEdw/-6xJrcrS00ktxfSPsA3rzb5SJQso1bj5QCNcBGAsYHQ/w640-h339/bodybuilding-routine-not-working.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
157ab43cc4fa9fadffa8a7ecb40fcb7cef221cc730df828c0ec52c7188594849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="bodybuilding-routine-not-working.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59705
x-xss-protection
0
server
fife
etag
"v11dd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 23:07:02 GMT
arnold-weak-body-parts.jpg
lh3.googleusercontent.com/-U1CW6RrYOHA/YL9-yZ_-xLI/AAAAAAAAEVI/WEXlAKZIkFcJl-ouB6YWXPfx29hGbcnJQCNcBGAsYHQ/w640-h360/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-U1CW6RrYOHA/YL9-yZ_-xLI/AAAAAAAAEVI/WEXlAKZIkFcJl-ouB6YWXPfx29hGbcnJQCNcBGAsYHQ/w640-h360/arnold-weak-body-parts.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
46d3d58fa64f8da75e91694c4e89000044feada0eb2d407b2e3660f547ba38c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="arnold-weak-body-parts.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87886
x-xss-protection
0
server
fife
etag
"v1153"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 23:07:18 GMT
terry-hollands-transformation.jpg
lh3.googleusercontent.com/-LqKjNZgA0uM/YL4uVK6LcjI/AAAAAAAAEVA/uUcP90l8FT4EJLJh5WjRHfBQVs10JEe-gCNcBGAsYHQ/w640-h320/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-LqKjNZgA0uM/YL4uVK6LcjI/AAAAAAAAEVA/uUcP90l8FT4EJLJh5WjRHfBQVs10JEe-gCNcBGAsYHQ/w640-h320/terry-hollands-transformation.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cc85db38a8a892957ec4d047ef85e0c3d702106b3341218f400dbe73b474c6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="terry-hollands-transformation.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62935
x-xss-protection
0
server
fife
etag
"v1151"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 04:02:06 GMT
terry-hollands-4.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/terry-hollands-4.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f770c36773e9750180b540bc4724e02369859f2925a3b0be8c73390e21a203

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
165651
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
105648
last-modified
Fri, 02 Nov 2018 11:28:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN4iYYP6ZXG3T57TYk%2FvytOp6hXunwpizDLfgccuxuAmpJu35CUYSBbqlSVxAIl%2BLPcLNURKuqgEx3ZfBZpHZm31k2%2FbnhLsEtJplS7K3AVQBf%2FEa2jc1RFk%2FWACZCCG82c7ZZ9cF2HQGFRnSOluwPyJfhbD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddac34e5c-FRA
expires
Fri, 29 Jul 2022 00:22:43 GMT
Capture2.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/Capture2.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7912249adad2ee3c7f8bba774c53cd6010c0c44e71bc774eab6782567ba9a93

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
165651
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
74223
last-modified
Fri, 02 Nov 2018 11:24:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gChdXHYc1XZA4n77Nc9lb%2FBgq0fkdRxn%2BjR8crYmPR9dyRtYYCDxobZcw8qRslqop%2FfEHtRZtTZu7SKZh58KLIvoXVjobMOgpW0P8NQ0Vp0MoMg%2Bkgofg0zoNL2F911HmW6ssfLELlopXYDZhW8q%2F63jsibRpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddac64e5c-FRA
expires
Fri, 29 Jul 2022 00:22:43 GMT
terry-hollands-3.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/terry-hollands-3.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808073b86045ca8a0e8fed2bdc4f9626302ac3a494f05062e0c28a65c0843e7b

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
165650
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
81897
last-modified
Fri, 02 Nov 2018 11:26:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9x%2FppDSp93A21TVhhJJIatmI1oFXs45uJ%2FFh0w9z90mYiwnfZPkvhn3LsY9bm205jg6GDLpLyH%2BZ86Nl039U4JdtgyKD2EfEJYa5i2YXVVMvT%2BRkFOnUJ1td4dwHgFPEUImqwdzuK3Xw1SBRp2agRjHEn3fbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddac74e5c-FRA
expires
Fri, 29 Jul 2022 00:22:43 GMT
terry-hollands.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/terry-hollands.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
629d6bb1624a5eabf9c1acbfcab1087226ce5bf19d8b4ae88551bce4645fc7d7

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
165650
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
99264
last-modified
Fri, 02 Nov 2018 11:09:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhGYNeX5ChYjgpe%2B6u2rVHB%2Fkc2RezDrhxgwKI%2Bh2iBlcSeBlNd5U0hz2HPR6Y1cQMrruYZsdqHz0rgSrcik8B%2BdMVahc3U%2BZjnPUZlBBZLJT0o7KjDIMNTMQVzstg%2BBcSCJ%2FDqt31twpTCyKscM6kI7SVUTvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddac94e5c-FRA
expires
Fri, 29 Jul 2022 00:22:44 GMT
beginners-exercises.jpg
lh3.googleusercontent.com/-_NVzNwEIlO4/YLY8wbPfY3I/AAAAAAAAES4/zk0gUH6nMq0mkdeusEBn1opMMyju3dOYQCNcBGAsYHQ/w640-h371/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-_NVzNwEIlO4/YLY8wbPfY3I/AAAAAAAAES4/zk0gUH6nMq0mkdeusEBn1opMMyju3dOYQCNcBGAsYHQ/w640-h371/beginners-exercises.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
491e9fa540ebcfbda57cbb01be768112517f6417bd46f41338cfaf0ba070ffe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="beginners-exercises.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73630
x-xss-protection
0
server
fife
etag
"v112f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Jul 2021 00:17:30 GMT
bench-press.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/bench-press.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b585f1b17405d3615ec9cc698081574ad8b8c836fb7cc4714bea0ce1b0ecbdf

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1406623
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
58096
last-modified
Thu, 15 Nov 2018 20:46:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOKgbUVIx4QqKpCNO%2FRWLqFx%2FfpCmV5wdREe4yXvW%2FYbVIIonGLL%2BT4UabVHUVIMkq%2Ft2svSEoRS%2BMHJ07Hk9wBiMvBHGi4GEXeS2mbwy%2FcYORPgySn7Qre5%2BR9XLZSnPvi2Ue%2BDH8dk8YiuOrcGev%2B4IKARZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddaca4e5c-FRA
expires
Thu, 14 Jul 2022 15:39:51 GMT
squat.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/squat.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645b9fb55e9a255d26f2c59fa4d21460569a25852d77b14fc38b8aed41d24f9c

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3421
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39246
last-modified
Thu, 15 Nov 2018 20:46:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVwPxkZAhl2Y0jWs21l9Ceh8Y9zNeifUNMJEWVgQyhsGTk3oAmoLlWV9ztBSFNmwAEeSASIimnOUaQkyNJvV1JS4TdV%2FkJNKfLCUQIG7rYmFNQHfKazJcgnW8z0rHGyGyVYIRaCE4un10RGWnDzMSakdCY6L0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddacc4e5c-FRA
expires
Sat, 30 Jul 2022 21:26:33 GMT
deadlifts.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/deadlifts.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82e6f0d5e3685060fa9451da30eb818f781678e537fb036d056ea2493291217

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3421
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
59385
last-modified
Thu, 15 Nov 2018 20:46:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnNW1cYYlVwsfeoeu8scJUyxzKK2ADK4FXfGlJeHinmZ1AWv3ZO3Wsb5Hn6%2FDCaxuYoD7fQ7syQGGYklZJz5iu62oab8jnLkvJM9%2Bs4v9HcxOsoz%2BpTw1ICy1vHVlMHVDw9IS9jx7Wk%2BdBFyz66GrXQceZhppg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddad04e5c-FRA
expires
Sat, 30 Jul 2022 21:26:33 GMT
pull-up.jpg
www.fitnessandpower.com/wp-content/uploads/2018/11/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2018/11/pull-up.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fc6adcd36b11c93ac84ccfde83da74c827970fe030531ac0cce6e5b542d963

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
375130
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27271
last-modified
Fri, 14 Dec 2018 19:42:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdDIMSIuYkU5uRGaw0jsmOjRNqaAeYVxzc0XgxL7pmocDtLy9ytbiVmzaj4mUy9mq32cdAx8RLttBG8ud6ZlHcxHJ9cg862QFnOIWuc2qG3z59ByQGs%2BGWzqiHgenUiDpaRcGNSxaMRKKk13rfk91Qozv7%2BDSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddad24e5c-FRA
expires
Tue, 26 Jul 2022 14:11:24 GMT
build-muscle-after-50.jpg
lh3.googleusercontent.com/-0HodlPqRLdY/YLJIJi-SD8I/AAAAAAAAERs/m_XQ0k0CW0s6PzPSSrk_B25NQ2HacHZlwCNcBGAsYHQ/w640-h340/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-0HodlPqRLdY/YLJIJi-SD8I/AAAAAAAAERs/m_XQ0k0CW0s6PzPSSrk_B25NQ2HacHZlwCNcBGAsYHQ/w640-h340/build-muscle-after-50.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
359b8ac238acd841c5e4429b6cc7757125fdc3178ad9fc9f33db92f14a29ce78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="build-muscle-after-50.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63266
x-xss-protection
0
server
fife
etag
"v111c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 04:02:06 GMT
healthy-obesity-myth.jpg
lh3.googleusercontent.com/-6Glkn-j78VM/YK-j5t7-7rI/AAAAAAAAEQs/o-PcQ6JcqF008DDPXgnU-weRzOLYRMk4QCNcBGAsYHQ/w640-h339/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-6Glkn-j78VM/YK-j5t7-7rI/AAAAAAAAEQs/o-PcQ6JcqF008DDPXgnU-weRzOLYRMk4QCNcBGAsYHQ/w640-h339/healthy-obesity-myth.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9381a1e27d128131d9da182784bd2112b850089968a6e92241899848c02a7caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="healthy-obesity-myth.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64535
x-xss-protection
0
server
fife
etag
"v110c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Jul 2021 19:57:06 GMT
top-5-training-tips-for-building-muscle.jpg
lh3.googleusercontent.com/-uTcav-B7qYU/YK5MmkolACI/AAAAAAAAEQk/ZULNTcj1ntEVNZkPEM3WdnUjWZqaKSuZwCNcBGAsYHQ/w640-h333/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-uTcav-B7qYU/YK5MmkolACI/AAAAAAAAEQk/ZULNTcj1ntEVNZkPEM3WdnUjWZqaKSuZwCNcBGAsYHQ/w640-h333/top-5-training-tips-for-building-muscle.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6fe1d5d17458630e9a4eebf116ff1ddd4f288d6f6e871d518fd22fc11f89d17c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="top-5-training-tips-for-building-muscle.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73555
x-xss-protection
0
server
fife
etag
"v110a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:03:13 GMT
3-ways-to-get-stronger-without-lifting-heavier.jpg
www.fitnessandpower.com/wp-content/uploads/2017/08/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fitnessandpower.com/wp-content/uploads/2017/08/3-ways-to-get-stronger-without-lifting-heavier.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26adbdf5b5ce1f52c920e82812b21759ebbc24ee13206a9896d00ae8409d680d

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
91822
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
67910
last-modified
Tue, 29 Aug 2017 18:41:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCfXDKh8oygIezjWTuf%2F1z7aGqe1N4i70ScdB0Ii2wNf2%2B0HIJDsVjQ12Q5dVEB0Pa%2FVENxmdfsubiAnGcSEl1imeZkADOZpDVlNFTHLcvVGGcK0E3QUf%2B%2BLmoVzEl9B9qACXXcVqvDrUCs%2BzkHhHgnj8l%2B30Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
6771fdfddad34e5c-FRA
expires
Fri, 29 Jul 2022 20:53:12 GMT
hardgainer-arm-tips.jpg
lh3.googleusercontent.com/-KK_vCgUtJL4/YK0FvRQtRRI/AAAAAAAAEQE/lSUkgKjUHj4kJzaqV9cevkOinqRY9ITBwCNcBGAsYHQ/w640-h380/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-KK_vCgUtJL4/YK0FvRQtRRI/AAAAAAAAEQE/lSUkgKjUHj4kJzaqV9cevkOinqRY9ITBwCNcBGAsYHQ/w640-h380/hardgainer-arm-tips.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
08721c7cd7f8bcb79f1b57cbebec09c08b15278f7bddd1d455072ca3eef92f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viraldestination.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:23:34 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="hardgainer-arm-tips.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55713
x-xss-protection
0
server
fife
etag
"v1102"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Jul 2021 04:02:06 GMT

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _mNHandle string| medianet_versionId object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint object| _mN object| _mNSrv function| setup string| _mN_Idf undefined| _mN_ctr string| _mN_ctrM object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl string| January string| February string| March string| April string| May string| June string| blogger string| July string| August string| September string| October string| November string| December string| ReadMore string| NextArticle string| PreviousArticle string| Direction string| page string| of string| shareText string| shareText2 string| configtxt string| redytxt string| errtxt string| altImage number| jsjq boolean| popup object| _0x266b function| _0xc526 function| _0x54f7 function| onull function| google_spfd number| google_unique_id object| google_sv_map object| google_jobrunner object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| $ function| jQuery object| _mNadPrvLog string| Url string| asdfasf string| slideLength string| posts0Length string| posts1Length string| posts2Length string| posts3Length string| posts4Length string| posts5Length string| posts6Length string| lListsLength string| postsNormalLength string| shreetLength string| banha string| ArrowIcon object| _0x2b82 function| _0x3d4d function| _0x7944 function| _0x4c7f6d function| _0x2b2c1c object| midlane object| n function| replaceSrc function| changeDS number| xs number| sx boolean| alllow string| id boolean| hA function| pllrstNew string| url object| elw function| garen object| _mgIntExchangeNews object| MarketGidInfC1118687 function| MarketGidCContextBlock1118687 function| MarketGidCMainBlock1118687 function| MarketGidCInternalExchangeBlock1118687 function| MarketGidCColorBlock1118687 function| MarketGidCRejectBlock1118687 function| MarketGidCCriteoBlock1118687 function| MarketGidCInternalExchangeLoggerBlock1118687 function| MarketGidCObserverBlock1118687 function| MarketGidCSendDimensionsBlock1118687 function| MarketGidCAntifraudStatisticsBlock1118687 function| MarketGidCRtbBlock1118687 function| MarketGidCIframeSizeChangerBlock1118687 function| MarketGidCContentPreviewBlock1118687 function| MarketGidCGradientBlock1118687 function| MarketGidCResponsiveBlock1118687 boolean| mg_loaded_700781_1118687 object| onClickExcludes function| mgReject1118687 function| mgLoadAds1118687 function| MarketGidCReject1118687 function| MarketGidLoadGoods1118687 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint700781 string| _mgPvid object| _0x2c02 function| _0x236c function| _0x53e7 function| _0x34ae function| _0x4c71ab function| _0x3b67c6 function| _0x1404d9 function| njnj function| lulu function| darkMode function| scrolup object| d object| $el number| $added number| $sticky number| $limit number| $fixed number| $i boolean| $enter boolean| _mgPageView700781 function| LoadCriteoAllPlaces1118687 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| udm_ object| ns_p object| COMSCORE object| GoogleGcLKhOms object| google_image_requests object| _mgwcapping boolean| _mgPageImp700781

5 Cookies

Domain/Path Name / Value
.media.net/ Name: gdpr_status
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUltINxp0DCVrIG3DGDa81XG95VnOI5YTjgKD3_Eb_T5l-jlVP462YEFhVpqB04
www.viraldestination.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1118687%22%3A%7B%22page%22%3A1%2C%22time%22%3A1627683812174%7D%7D
www.viraldestination.com/ Name: session_depth
Value: www.viraldestination.com%3D1%7C830781605%3D1
.viraldestination.com/ Name: __gads
Value: ID=43ffd055a32562af-2237821f7ec90093:T=1627683811:RT=1627683811:S=ALNI_Ma0nIJyiNTWx1V3UMpV9mrX_VkY5g

1 Console Messages

Source Level URL
Text
console-api debug URL: https://jsc.mgid.com/v/i/viraldestination.com.1118687.es6.js(Line 1)
Message:
[object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.mgid.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
contextual.media.net
creativecdn.com
eus.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
jsc.mgid.com
lg3.media.net
lh3.googleusercontent.com
match.adsrvr.org
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
sync.e-volution.ai
themes.googleusercontent.com
token.rubiconproject.com
tpc.googlesyndication.com
www.blogger.com
www.fitnessandpower.com
www.google.com
www.googletagservices.com
www.viraldestination.com
x.bidswitch.net
104.117.200.100
104.16.221.74
104.19.132.78
104.19.217.61
109.206.188.82
13.224.96.53
13.248.242.197
142.250.184.226
142.250.74.194
185.184.8.65
188.42.196.115
2.18.235.93
2.19.35.65
2600:1f18:444a:4602:4614:a08b:388f:2234
2606:4700:3030::ac43:dfa8
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2009
2a00:1450:4001:831::2013
3.66.53.222
34.102.149.62
35.212.212.222
54.225.68.204
69.173.144.138
69.173.144.165
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
024b72f22365ba76e377655c47bf20484e9e2c773616719656f4af6e6e1393ea
08721c7cd7f8bcb79f1b57cbebec09c08b15278f7bddd1d455072ca3eef92f8e
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
13fb29157712975644ca81830022c84dad1da1f3659d4c76088eee22aef9bd4a
142e8800a5277e5483caf0a1d451db8affbd5e48e38d3facf4a75be00412a34b
14fc6adcd36b11c93ac84ccfde83da74c827970fe030531ac0cce6e5b542d963
157ab43cc4fa9fadffa8a7ecb40fcb7cef221cc730df828c0ec52c7188594849
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
18145142f406ec899eda5ff5adaa652ef80597499f4e50f632e4eb99c693e3e7
1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df
22df6f5eb095e7178122e3fa56cfd1dfd360b11991fff2e55fb4d7606c682141
23f2bf6d512c24ca89bb06b052a768f6df1f8c8b0cc17676c6bca52d17968840
2538b2a6b4f3d02370d5afa594aab7e471c6e4676cb95d8056fe0b0883c98480
257097180a61d64f0ef8ca75e385c733b84c8c615db66f0ab10df0fcb3538bc9
26adbdf5b5ce1f52c920e82812b21759ebbc24ee13206a9896d00ae8409d680d
2b585f1b17405d3615ec9cc698081574ad8b8c836fb7cc4714bea0ce1b0ecbdf
30435c61dd308f618b14ff013429c92ab4f2ee861dc34a4569edfd8658e9a08e
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32f4d7800d910b0089e0031e4cf0a94bd8c83df22b1a0889d3c05336588d035d
359b8ac238acd841c5e4429b6cc7757125fdc3178ad9fc9f33db92f14a29ce78
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
417d5e412c3d01cd3f8e40e6c90304ea9ff20892a22902bbe7ae541836a187b1
4340cf08e4e5aad60d6a020d1c5805fbd43998025c9595f19edc61942f182296
43e67adbb0a04845fc1b0791ce94b704a222bed09e275b3fe192fc2bc46eb96a
46d3d58fa64f8da75e91694c4e89000044feada0eb2d407b2e3660f547ba38c1
491e9fa540ebcfbda57cbb01be768112517f6417bd46f41338cfaf0ba070ffe3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49f71ad5e5941a63f27278e6c9c40103e30724da089d5e93a6e7e87dbee13b80
4a02ab605a8717ece5e3d683047665f211a0dcdc7d91944fecbaf6688596138d
4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52248ecce8ea033c7bdf3cc6b5592a94c1c015b8e6a343e5c197c9d115e5e0cc
54bbb362075026f699075053000e2ea0c525c23fd2cdee3b95b0e36ab015613e
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
629d6bb1624a5eabf9c1acbfcab1087226ce5bf19d8b4ae88551bce4645fc7d7
63341bdb393e25837cdbb6fd2a69dae26308959238e382e86c5e9732e070049b
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
645b9fb55e9a255d26f2c59fa4d21460569a25852d77b14fc38b8aed41d24f9c
6699dfecfadc3f279a5edecb35a30e392a6b907ccdc7fdb6e477d3f236180484
6c6436bea6fd5f5baaac25d26ad7c69ea0c4f0d2ad9a6ad638629a1f59119c4f
6d4772917ddfb74ada4f2dd317e3db720caaae0fc3c6ed380898124803ab044d
6fe1d5d17458630e9a4eebf116ff1ddd4f288d6f6e871d518fd22fc11f89d17c
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
808073b86045ca8a0e8fed2bdc4f9626302ac3a494f05062e0c28a65c0843e7b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89df4a7d0a8745da51a9ffb5ef53d29fac8d8ef7b823610ee67f7513f205aa14
8ee5af628c98422d7e260a0717ccf78ba179a252656049f02def5883915d3e3a
92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2
9381a1e27d128131d9da182784bd2112b850089968a6e92241899848c02a7caf
9782a64814f2bcc92b04b7325fe535e09168a186c5998b768a64d6bf3bea15eb
98757f8d6eb6e75baa3498bc4886a041509f322f702410ac415e3b1bed3979b3
9b51f595bd92b65d5fefdcdc321c139cdfa85c0683afca58aa4ad3b500b63a6d
9bfecfa0d74f3709b57dde701081e11059541fad4234b95309509cb7f92ad8f3
9e25b441dc80580f0fa1cfc502bf97fdd2189b474c8f0c58c56257b013f927b3
9e5ad10ae9ae6ea7ffae77a26dc3142d1b977497458846a31cf3f05503e5ba80
a02afff71f06135cc8ed75db0f5ab43714ef90b3023edd3871105e7448242230
a0b9df4697d5e9dbd3cfe956ab26d0ae705aaf6c8206d6c16a55b4e3eb374490
a1fefd9349434cae1fea8dd3ad4bf86486dcf8e9f9c040c38ce86be81b235e13
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a81ff9635429af51db947615bad992122736eced1af308a050ef54af50465c60
a89d8e3c774fbed30ed358febf372c2d3db8e1b2fe9bd121dc9988667b67d5f7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa801cb285b674dcfb44e2c93cbad84b09625144323b8060a79427e4a11cf818
ac42e9ccc3d491c191055a23127c634df62b41990d0c5ccc73e4aa18dc3bf5ae
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b23c17d8110ade18e1eb67d99504fa9091ffda49c2a3c739a48131b5ca5b9f3e
b2f770c36773e9750180b540bc4724e02369859f2925a3b0be8c73390e21a203
b309847fc8aa94a0d4cc2895931108c23af9f168d20ba46a4b5b78093811151f
c5216d8d82c0c227f6efb8d924f603fe922e2608740205873d74c8d3e0f3e0c9
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7912249adad2ee3c7f8bba774c53cd6010c0c44e71bc774eab6782567ba9a93
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6295b2d71a5b5796b22cfcc3787565ec9867461b65e9d0e5f236ba8bd66caa
cc85db38a8a892957ec4d047ef85e0c3d702106b3341218f400dbe73b474c6c4
ce6bf2664face63f8534c1c46ea72fb4c964d5c8180fac06c96911241854ccb9
ceed422dfec2d00cb288a0c3b3a6533f373d8b5dc1f39f9c032a157d28f7d83b
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
d76ade001a0436f4b9ffdfcfe4c086bd8eb9b5cbfd20c4430d002054b70f6033
d77db41dc4c7b8c130a5569ce570646d824303b3909cbfc8767a5c513b4c9140
d82e6f0d5e3685060fa9451da30eb818f781678e537fb036d056ea2493291217
dedd82990391ed8ae215031403f8105bb5c28b73995d5f567d95e55443122de1
df205e3074c950bfb046901fe741685bfcebbe84986dcf38d06a531796a1aa89
e394e4104c33965e3b520818ecd2d104d5d9f99be53f7b95a1b5d30360c0bb9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447ed412adabee6f2b76183006769a343b840bcd12dca46d08f848aa5ad34e
e72b1af28ff7ee1c6591cca77279611c08b1d25c5e9b40be425bdd10d861cc2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8d65d87373ee37c6d1df007801e954deac29a7dd68d2e2e03d41370e1d773c
f4cd63020277f7040bd0a8cb6ffe164e8a3836002e897dafcd0e1572ae1f7661
f5700a8485b6e08e56ea4cea1b64761479e41f63f63df186133bbfbb77af3e87
f601707e66b789d082f4e7e48486345d546a271e0a06e1ec6b9b6c049bcf0daf
f8b56f5b126fd70a53e7d280ce31a5048a39ef1c2784b280ed7bd53c26165e9a