Submitted URL: http://st.xrivonet.info/h19.html#15
Effective URL: http://st.xrivonet.info/h19.html
Submission: On April 17 via manual from US

Summary

This website contacted 30 IPs in 7 countries across 26 domains to perform 50 HTTP transactions. The main IP is 104.28.11.175, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is st.xrivonet.info.
This is the only time st.xrivonet.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.28.11.175 13335 (CLOUDFLAR...)
4 216.58.214.105 15169 (GOOGLE)
2 216.137.61.217 16509 (AMAZON-02)
2 2 78.140.191.92 35415 (WEBZILLA)
2 194.187.98.221 35415 (WEBZILLA)
3 130.211.186.109 15169 (GOOGLE)
1 205.185.216.10 20446 (HIGHWINDS3)
1 208.93.230.28 29893 (CHATANGO)
2 154.51.131.141 174 (COGENT-174)
2 216.58.214.110 15169 (GOOGLE)
2 213.196.2.1 7979 (SERVERS)
1 23.111.224.1 7979 (SERVERS)
3 54.209.218.18 14618 (AMAZON-AES)
2 54.84.155.141 14618 (AMAZON-AES)
2 198.134.112.241 27257 (WEBAIR-IN...)
3 54.84.224.113 14618 (AMAZON-AES)
1 195.181.174.23 60068 (CDN77)
2 185.225.208.133 13213 (UK2NET-AS)
1 208.93.230.24 29893 (CHATANGO)
1 216.21.13.10 53334 (TUT-AS)
1 69.4.231.30 36351 (SOFTLAYER)
1 67.202.94.86 32748 (STEADFAST)
2 195.181.174.9 60068 (CDN77)
1 104.16.88.26 13335 (CLOUDFLAR...)
3 92.223.124.254 199524 (GCORE)
1 208.100.17.181 32748 (STEADFAST)
1 208.100.17.183 32748 (STEADFAST)
2 2 185.33.223.206 29990 (ASN-APPNEXUS)
1 54.76.173.188 16509 (AMAZON-02)
1 2 34.200.122.167 14618 (AMAZON-AES)
2 2 216.52.1.12 30282 (AS-INAPCD...)
1 18.195.89.79 16509 (AMAZON-02)
50 30
Domain Requested by
8 schemic.top d1bevsqehy4npt.cloudfront.net
st.xrivonet.info
3 imgg-cdn.mgid.com st.xrivonet.info
3 www.adnetworkperformance.com st.xrivonet.info
www.adnetworkperformance.com
3 www.blogger.com st.xrivonet.info
2 loadus.exelator.com 2 redirects
2 idsync.rlcdn.com 1 redirects st.xrivonet.info
2 ib.adnxs.com 2 redirects
2 c.adsco.re serve.popads.net
st.xrivonet.info
2 widgets.amung.us st.xrivonet.info
2 www.urldelivery.com www.bnserving.com
2 www.bnserving.com st.xrivonet.info
2 apis.google.com st.xrivonet.info
apis.google.com
2 tags.h12-media.com st.xrivonet.info
tags.h12-media.com
2 st.chatango.com st.xrivonet.info
st.chatango.com
2 deloton.com st.xrivonet.info
2 go.oclasrv.com 2 redirects
2 d1bevsqehy4npt.cloudfront.net st.xrivonet.info
d1bevsqehy4npt.cloudfront.net
1 sync.sharethis.com st.xrivonet.info
1 s.cpx.to st.xrivonet.info
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com st.xrivonet.info
1 cdn.tynt.com widgets.amung.us
1 whos.amung.us widgets.amung.us
1 t.dtscout.com widgets.amung.us
1 serve.popads.net c1.popads.net
1 c1.popads.net st.xrivonet.info
1 r.remarketingpixel.com www.bnserving.com
1 creative.speednetwork14.com st.xrivonet.info
1 img1.blogblog.com st.xrivonet.info
1 st.xrivonet.info
0 6.adsco.re Failed st.xrivonet.info
50 31

This site contains links to these domains.

Domain
www.blogger.com
wrivz1.blogspot.com

This page contains 2 frames:

Primary Page: http://st.xrivonet.info/h19.html
Frame ID: 4DF90CFDA25BF3C9489A185710CE8249
Requests: 46 HTTP requests in this frame

Frame: http://tags.h12-media.com/v2/tags.js?placement=3c2a3b5ea5cdfbfa0cd8de38a0cbfbb8&allowbackup=true&appearance=standard&type=standard&size=300x250&name=&sability=true&bref=http%3A%2F%2Fst.xrivonet.info%2Fh19.html%2315&rnd=0.13574933232116115&pb=undefined&pname=undefined&href=&cvfsy=0%2C1200&mmtitw=79%2C279&bpos=1065%2C179&bposscr=1065%2C179&cdim=1600%2C1200&ddim=1585%2C1296&clngs=en-US&mdi=2&mhi=0
Frame ID: 13A4260312776948C08C100DCA0FA9A
Requests: 5 HTTP requests in this frame

Page Statistics

Requests: 50
HTTPS: 0 %
IPv6: 0 %
Domains: 26
Subdomains: 31
IPs: 30
Countries: 7
Transfer: 474 kB
Size: 993 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://go.oclasrv.com/apu.php?zoneid=557885 HTTP 302
  • http://deloton.com/apu.php?zoneid=557885
Request Chain 21
  • http://go.oclasrv.com/apu.php?zoneid=557885 HTTP 302
  • http://deloton.com/apu.php?zoneid=557885
Request Chain 47
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID HTTP 302
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID HTTP 302
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=366790765324629425
Request Chain 48
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKVrVRd0OTASjIDmfAg%3D%3D HTTP 302
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKVrVRd0OTASjIDmfAg%3D%3D&redirect=1
Request Chain 49
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKVrVRd0OTASjIDmfAg%3D%3D&random=1523926493512 HTTP 302
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKVrVRd0OTASjIDmfAg%3D%3D&random=1523926493512&xl8blockcheck=1 HTTP 302
  • http://sync.sharethis.com/nlsn?uid=171c7323c920d36eca6088f1bd00b13d

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set h19.html
st.xrivonet.info/
52 KB
12 KB
Document
General
Full URL
http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
104.28.11.175 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7873b764eea53105c6ac676b85e2eb5226a27ecc33a1f27540bcbd12321331e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
st.xrivonet.info
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 23:14:15 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Set-Cookie
__cfduid=d7be29405c15871b804a96830e773af101523926490; expires=Wed, 17-Apr-19 00:54:50 GMT; path=/; domain=.xrivonet.info; HttpOnly
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
40caec3837e09bcf-AMS
16153472-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
42 KB
9 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/16153472-css_bundle_v2.css
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
SPDY
Server
216.58.214.105 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f9.1e100.net
Software
sffe /
Resource Hash
df6b27e051729b0993ec014da7b81ec8643265763d7239e50a9fdc404eb5b963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Mon, 12 Feb 2018 16:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Jul 2015 01:50:07 GMT
server
sffe
age
5472282
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
8912
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 16:50:09 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
638 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3127189521511558727&zx=d740d3e9-2abb-42bf-b18d-41c9a8d4501c
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
SPDY
Server
216.58.214.105 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 17 Apr 2018 00:54:51 GMT
server
GSE
date
Tue, 17 Apr 2018 00:54:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
private, max-age=1800
expires
Tue, 17 Apr 2018 00:54:51 GMT
/
d1bevsqehy4npt.cloudfront.net/
235 KB
86 KB
Script
General
Full URL
http://d1bevsqehy4npt.cloudfront.net/?svebd=622073
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
216.137.61.217 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-217.fra2.r.cloudfront.net
Software
/
Resource Hash
ba7754e58363f5c92d8e6da2b99f67301aa009515deb20b01593fd995a33a1b6

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Apr 2018 00:54:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
X-Amz-Cf-Id
7WnF0DSJU_iCGrOn5ex1WM_SXax5AS5faSqMHSbUHF13lLmQ-j1q6g==
Via
1.1 3aa04125cfbe212eb3783a1b1caebdb5.cloudfront.net (CloudFront)
apu.php
deloton.com/
Redirect Chain
  • http://go.oclasrv.com/apu.php?zoneid=557885
  • http://deloton.com/apu.php?zoneid=557885
0
0
Script
General
Full URL
http://deloton.com/apu.php?zoneid=557885
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
194.187.98.221 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
194.187.98.221.webazilla.com
Software
nginx /
Resource Hash

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Apr 2018 00:54:51 GMT
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/html
Location
http://deloton.com/apu.php?zoneid=557885
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
display.php
www.adnetworkperformance.com/a/
6 KB
3 KB
Script
General
Full URL
http://www.adnetworkperformance.com/a/display.php?r=431511
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
130.211.186.109 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
109.186.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
4dadf1ed00428669a4f4c64ad73a9dc7834c80bdc5d7e65118d34d5dc45a4659

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
openresty
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Link
<//www.adnetworkperformance.com>; rel=dns-prefetch,<//www.adnetworkperformance.com>; rel=preconnect
icon18_wrench_allbkg.png
img1.blogblog.com/img/
475 B
817 B
Image
General
Full URL
http://img1.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
216.58.214.105 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f9.1e100.net
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Fri, 13 Apr 2018 02:18:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 12 Apr 2018 01:26:23 GMT
Server
sffe
Age
340579
Content-Type
image/png
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
475
X-XSS-Protection
1; mode=block
Expires
Fri, 20 Apr 2018 02:18:32 GMT
display.php
www.adnetworkperformance.com/a/
6 KB
3 KB
Script
General
Full URL
http://www.adnetworkperformance.com/a/display.php?r=404241
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
130.211.186.109 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
109.186.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
82ae28468fc0e16567b9adadefc81d4fdd12166273747078bece3353ea2acdf5

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
openresty
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Link
<//www.adnetworkperformance.com>; rel=dns-prefetch,<//www.adnetworkperformance.com>; rel=preconnect
xbanner.js
creative.speednetwork14.com/speednetwork14/tags/xbanner/
2 KB
2 KB
Script
General
Full URL
http://creative.speednetwork14.com/speednetwork14/tags/xbanner/xbanner.js?ap=1300
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0518b9ee60074d49592ce0cea35741bc40627bb9660d23edfecf48e984ca9177

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Last-Modified
Tue, 17 Apr 2018 00:23:06 GMT
ETag
1523924586
X-HW
1523926491.dop005.fr8.t,1523926491.cds023.fr8.c
Content-Type
text/plain; charset=utf-8
Cache-Control
public, max-age=1695
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1869
emb.js
st.chatango.com/js/gz/
70 KB
24 KB
Script
General
Full URL
http://st.chatango.com/js/gz/emb.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
208.93.230.28 San Francisco, United States, ASN29893 (CHATANGO - Chatango LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
c1fdf4bd9dbb7dad34a8a318b040fd2d51dac20d7015ce640f46c7f77469aa8c

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Apr 2018 17:41:22 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24584
Expires
Tue, 17 Apr 2018 00:54:51 GMT
load.js
tags.h12-media.com/
27 KB
9 KB
Script
General
Full URL
http://tags.h12-media.com/load.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
154.51.131.141 Fulham, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / x-65, ARR/3.0, ASP.NET
Resource Hash
ee7f351c0e938ceb72d10ceb47b8a60d3c002ff6767809062e321ad6be60b386

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:55:30 GMT
Content-Encoding
gzip
ETag
"5880583da3c8d31:0"
Last-Modified
Sat, 31 Mar 2018 03:49:15 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
x-65, ARR/3.0, ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
8333
3190386002-widgets.js
www.blogger.com/static/v1/widgets/
91 KB
37 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/3190386002-widgets.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
SPDY
Server
216.58.214.105 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f9.1e100.net
Software
sffe /
Resource Hash
fa1ec33b80e0c92accdd28f35ca370bf013d740d4ec702ec01f3d503419cddd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Sat, 07 Apr 2018 08:03:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Jul 2015 01:50:07 GMT
server
sffe
age
838282
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
37848
x-xss-protection
1; mode=block
expires
Sun, 07 Apr 2019 08:03:29 GMT
plusone.js
apis.google.com/js/
43 KB
17 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
SPDY
Server
216.58.214.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f14.1e100.net
Software
ESF /
Resource Hash
55a08e9c43233a14d612347cbfb0d32a53dfa378a6536af2bbc2decb3acdd8cd
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180405.13_p0
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180405.13_p0
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
date
Tue, 17 Apr 2018 00:54:51 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"70ac8bc9ef43b6e0ceae2dca614e72b4"
timing-allow-origin
*
expires
Tue, 17 Apr 2018 00:54:51 GMT
invoke.js
www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/
11 KB
11 KB
Script
General
Full URL
http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
213.196.2.1 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Server
nginx/1.12.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
application/javascript
Content-Length
11158
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
r.remarketingpixel.com/
40 B
519 B
XHR
General
Full URL
http://r.remarketingpixel.com/stats
Requested by
Host: www.bnserving.com
URL: http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js
Protocol
HTTP/1.1
Server
23.111.224.1 Phoenix, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
f581e2f02dd8c1b8bd80c275db238357d25c61f73ffb606609b3bfce33495088

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
http://st.xrivonet.info/h19.html
Origin
http://st.xrivonet.info

Response headers

Date
Tue, 17 Apr 2018 00:54:51 GMT
Server
nginx/1.12.1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://st.xrivonet.info
Cache-Control
max-age=0, : no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
40
Expires
Tue, 17 Apr 2018 00:54:51 GMT
popunder.gif
schemic.top/
35 B
324 B
XHR
General
Full URL
http://schemic.top/popunder.gif
Requested by
Host: d1bevsqehy4npt.cloudfront.net
URL: http://d1bevsqehy4npt.cloudfront.net/?svebd=622073
Protocol
HTTP/1.1
Server
54.209.218.18 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-218-18.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
http://st.xrivonet.info/h19.html
Origin
http://st.xrivonet.info

Response headers

Pragma
public
Date
Tue, 17 Apr 2018 00:54:52 GMT
content-encoding
gzip
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800, immutable
Connection
keep-alive
4MTZ2anBSWRgMT0VfEldGCQJOXUEXXAUFHkELNVggSVI+XiZYXUUvGxdCDA5NARAaCx5WC1APHlILR0wRVVRLWlZEV0sHH0tfGgYRFAQwX14BE0RaWEkHR09DcxNEWhxYWAMSVQMGDlJGbgBCQ1UDBhcaAF1TAQ8SWl8CT0J3A0VdXgIAU1hAGV0eHh1dE0-QpVQM...
d1bevsqehy4npt.cloudfront.net/
237 B
574 B
Script
General
Full URL
http://d1bevsqehy4npt.cloudfront.net/4MTZ2anBSWRgMT0VfEldGCQJOXUEXXAUFHkELNVggSVI+XiZYXUUvGxdCDA5NARAaCx5WC1APHlILR0wRVVRLWlZEV0sHH0tfGgYRFAQwX14BE0RaWEkHR09DcxNEWhxYWAMSVQMGDlJGbgBCQ1UDBhcaAF1TAQ8SWl8CT0J3A0VdXgIAU1hAGV0eHh1dE0-QpVQMGGgMbVBNEWhdUVR0FWRQERgIVUFIaDwNCVR4YH1xTU1g2BwNYWl4CBURfXgAOR09CAUUXDBFDX1NYNgQFQURDBxADVxIJBkdSFQAFR1hDAFBOXUEDV0JSQwIEElpFAwRAWxME
Requested by
Host: d1bevsqehy4npt.cloudfront.net
URL: http://d1bevsqehy4npt.cloudfront.net/?svebd=622073
Protocol
HTTP/1.1
Server
216.137.61.217 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-217.fra2.r.cloudfront.net
Software
/
Resource Hash
1d798455213a016afadb6c996416b6f3d089880d274da4052e52fb2437fb6c8d

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Content-Encoding
gzip
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
211
Via
1.1 3aa04125cfbe212eb3783a1b1caebdb5.cloudfront.net (CloudFront)
X-Amz-Cf-Id
mlOSxF6w-EvHiw5gro7Ueaw7Gp-c5kyC5j4mUP40xqTclWXtO0VwMA==
YkZnd2RNeQQEWQB0LkIqNX8CIRMRAj8bHDYFIToqOhciPCUOfwFREAsiWkFWUHZQREISLwNKVUQ1ExYQFzVaRkILKAEYWUQwWkZKU3ZJT1RMdkEDFAMhWkZCEjITG1lTc1VEXVBwU05VWnBQ
schemic.top/
0
139 B
Image
General
Full URL
http://schemic.top/YkZnd2RNeQQEWQB0LkIqNX8CIRMRAj8bHDYFIToqOhciPCUOfwFREAsiWkFWUHZQREISLwNKVUQ1ExYQFzVaRkILKAEYWUQwWkZKU3ZJT1RMdkEDFAMhWkZCEjITG1lTc1VEXVBwU05VWnBQ
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.84.155.141 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-155-141.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Apr 2018 00:54:52 GMT
Connection
keep-alive
Content-Length
0
S3JoWnJkTQspTwUIMioTHSMnG0MjKyU2JwoqD2ILHkMpEyUPK04uGy9PXmJGc0VZfAIiFlVrS20BHDsGPgFVa1QiHA41T20EVWtce1xedEBtBhg7FXZDTgVPekdaaUt5RFxjQ3JGWg
schemic.top/
0
139 B
Image
General
Full URL
http://schemic.top/S3JoWnJkTQspTwUIMioTHSMnG0MjKyU2JwoqD2ILHkMpEyUPK04uGy9PXmJGc0VZfAIiFlVrS20BHDsGPgFVa1QiHA41T20EVWtce1xedEBtBhg7FXZDTgVPekdaaUt5RFxjQ3JGWg
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.209.218.18 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-218-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Apr 2018 00:54:52 GMT
Connection
keep-alive
Content-Length
0
dWcxQ2taWFIwViIMZzYxIQ9bIC1MMmkpAw8wYA0OJQ58Ez0zCBc3AhFaB3tfTVAAZRscAwxyUlMURSIfABQMdVlTDl8lBEhBR35aW1cfdUVHQUUzChJaAGU0SFYEcVhMVQd3UkdSCXs
schemic.top/
0
139 B
Image
General
Full URL
http://schemic.top/dWcxQ2taWFIwViIMZzYxIQ9bIC1MMmkpAw8wYA0OJQ58Ez0zCBc3AhFaB3tfTVAAZRscAwxyUlMURSIfABQMdVlTDl8lBEhBR35aW1cfdUVHQUUzChJaAGU0SFYEcVhMVQd3UkdSCXs
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.209.218.18 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-218-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Apr 2018 00:54:52 GMT
Connection
keep-alive
Content-Length
0
watch.324850312752.js
www.urldelivery.com/
0
512 B
XHR
General
Full URL
http://www.urldelivery.com/watch.324850312752.js?key=976b0d76d773f5547d37fe90ada4248d&kw=%5B%22rivord%22%5D&refer=http%3A%2F%2Fst.xrivonet.info%2Fh19.html%2315&tz=0&dev=r&res=4.23&uuid=397bb35c-909d-4934-bab4-f98ad51bef5b%3A2%3A1
Requested by
Host: www.bnserving.com
URL: http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js
Protocol
HTTP/1.1
Server
198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
http://st.xrivonet.info/h19.html
Origin
http://st.xrivonet.info

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Server
nginx/1.12.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
103
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Ph9bCQwzHlQFYTUNZidXXx8RBVACRAFDC1ZOBFdJDx0KQB8VDVYFTBVEA0MfDxdRHgRRSwFXT1tIGUAJSEEHXwlADUcQXltIEQFNEhUKQAxUSg5DD1JABUcJVQ
schemic.top/OWZ5N3EWWRpETFtWEV0obF8cUSd/
0
139 B
Image
General
Full URL
http://schemic.top/OWZ5N3EWWRpETFtWEV0obF8cUSd/Ph9bCQwzHlQFYTUNZidXXx8RBVACRAFDC1ZOBFdJDx0KQB8VDVYFTBVEA0MfDxdRHgRRSwFXT1tIGUAJSEEHXwlADUcQXltIEQFNEhUKQAxUSg5DD1JABUcJVQ
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.84.224.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-224-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Apr 2018 00:54:52 GMT
Connection
keep-alive
Content-Length
0
apu.php
deloton.com/
Redirect Chain
  • http://go.oclasrv.com/apu.php?zoneid=557885
  • http://deloton.com/apu.php?zoneid=557885
0
0
Script
General
Full URL
http://deloton.com/apu.php?zoneid=557885
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
194.187.98.221 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
194.187.98.221.webazilla.com
Software
nginx /
Resource Hash

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Apr 2018 00:54:52 GMT
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/html
Location
http://deloton.com/apu.php?zoneid=557885
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
display.php
www.adnetworkperformance.com/a/
0
160 B
Script
General
Full URL
http://www.adnetworkperformance.com/a/display.php?r=431511&treqn=1040650466&runauction=1&crr=9595590f6a2b0298e9fb,,gqrKrro__9uCI9jnKoo-K6yOKqpC7r06L6yWLg0POg0P-h1PutyKrrb75b0736c088ad123458&cbrandom=0.25159459942974216&cbtitle=RivoRD&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by
Host: www.adnetworkperformance.com
URL: http://www.adnetworkperformance.com/a/display.php?r=431511
Protocol
HTTP/1.1
Server
130.211.186.109 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
109.186.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Referrer-Policy
no-referrer
Server
openresty
Connection
keep-alive
Vary
Accept-Encoding
pop.js
c1.popads.net/
68 KB
28 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
195.181.174.23 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fefc31fe8b6a75aa50147bc062e2ed750e20c8d78fb24a02342c17f15f2f261a

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Apr 2018 14:16:47 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5ad35ecf-1108b"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Edge-IP
195.181.174.20
Connection
keep-alive
X-Age
124433
Expires
Sun, 22 Apr 2018 14:20:59 GMT
invoke.js
www.bnserving.com/07dde3e2c5af0db032c8826e3b79914d/
28 KB
28 KB
Script
General
Full URL
http://www.bnserving.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
213.196.2.1 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
28061cff0f485011fce7cde0c1d67294f77cf4eb01bb9ec68115f896f1ba6e44
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Server
nginx/1.12.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
application/javascript
Content-Length
28673
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.1346385637754.js
www.urldelivery.com/
0
512 B
XHR
General
Full URL
http://www.urldelivery.com/watch.1346385637754.js?key=07dde3e2c5af0db032c8826e3b79914d&kw=%5B%22rivord%22%5D&refer=http%3A%2F%2Fst.xrivonet.info%2Fh19.html%2315&tz=0&dev=r&res=4.23&uuid=397bb35c-909d-4934-bab4-f98ad51bef5b%3A2%3A1
Requested by
Host: www.bnserving.com
URL: http://www.bnserving.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js
Protocol
HTTP/1.1
Server
198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
http://st.xrivonet.info/h19.html
Origin
http://st.xrivonet.info

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Server
nginx/1.12.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
103
Expires
Thu, 01 Jan 1970 00:00:01 GMT
colored.js
widgets.amung.us/
6 KB
3 KB
Script
General
Full URL
http://widgets.amung.us/colored.js
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
02a7780bff12e475835420f6a894ad359392c5cd161adf77f29f09b4a374257f

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2018 21:05:41 GMT
ETag
W/"5ac7e125-179d"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Wed, 18 Apr 2018 00:54:52 GMT
tags.js
tags.h12-media.com/v2/ Frame 13A4
4 KB
2 KB
Script
General
Full URL
http://tags.h12-media.com/v2/tags.js?placement=3c2a3b5ea5cdfbfa0cd8de38a0cbfbb8&allowbackup=true&appearance=standard&type=standard&size=300x250&name=&sability=true&bref=http%3A%2F%2Fst.xrivonet.info%2Fh19.html%2315&rnd=0.13574933232116115&pb=undefined&pname=undefined&href=&cvfsy=0%2C1200&mmtitw=79%2C279&bpos=1065%2C179&bposscr=1065%2C179&cdim=1600%2C1200&ddim=1585%2C1296&clngs=en-US&mdi=2&mhi=0
Requested by
Host: tags.h12-media.com
URL: http://tags.h12-media.com/load.js
Protocol
HTTP/1.1
Server
154.51.131.141 Fulham, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / x-65, ARR/3.0, ASP.NET
Resource Hash
84f6cc92f2beb0c45f342c854747e0ea25f631fecc694da57f6312b76116168b

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:55:31 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
x-65, ARR/3.0, ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; Charset=UTF-8
Proc
0.2971
Cache-Control
no-store,no-cache,max-age=0,private
Srg-X
x-.138
Content-Length
2011
r.json
st.chatango.com/cfg/nc/
20 B
338 B
XHR
General
Full URL
http://st.chatango.com/cfg/nc/r.json?1a27300020000088758738261
Requested by
Host: st.chatango.com
URL: http://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Server
208.93.230.24 San Francisco, United States, ASN29893 (CHATANGO - Chatango LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
5741fba1589f1ac946ea2460fbf0bed8d84719489c30472551b6698bebbaf85f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
http://st.xrivonet.info/h19.html
Origin
http://st.xrivonet.info

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
Last-Modified
Tue, 10 Apr 2018 17:41:22 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.pa4EfGZJtyM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNvuMxw8LpLrCWFeoIaET1OMP8dSQ/
130 KB
46 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.pa4EfGZJtyM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNvuMxw8LpLrCWFeoIaET1OMP8dSQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
SPDY
Server
216.58.214.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f14.1e100.net
Software
sffe /
Resource Hash
feab5600653e46a9a6ba27002de4b0c59f290a221474380b00f85dd7b4c46469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Mon, 09 Apr 2018 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Apr 2018 21:54:04 GMT
server
sffe
age
618906
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
46440
x-xss-protection
1; mode=block
expires
Tue, 09 Apr 2019 20:59:46 GMT
TDBiUkhjDwEhdRh4LD4pfkRTACQeUSYBfQplBWIGB3I3Fx8rW0QmISgNVGp8dAdTdDglVF9jcWpDFjM8OUNfZnpqWQw0J3ECUGJuOg1TfHhiBkxgbjhAAzV1fRY9b3l5AlFrenoEW2BwfQA
schemic.top/
0
139 B
Other
General
Full URL
http://schemic.top/TDBiUkhjDwEhdRh4LD4pfkRTACQeUSYBfQplBWIGB3I3Fx8rW0QmISgNVGp8dAdTdDglVF9jcWpDFjM8OUNfZnpqWQw0J3ECUGJuOg1TfHhiBkxgbjhAAzV1fRY9b3l5AlFrenoEW2BwfQA
Requested by
Host: d1bevsqehy4npt.cloudfront.net
URL: http://d1bevsqehy4npt.cloudfront.net/?svebd=622073
Protocol
HTTP/1.1
Server
54.84.155.141 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-155-141.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control
max-age=0
Origin
http://st.xrivonet.info
Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Apr 2018 00:54:52 GMT
Connection
keep-alive
Content-Length
0
c
serve.popads.net/
239 B
777 B
Script
General
Full URL
http://serve.popads.net/c?r=1523926492&v=3&siteId=2059451&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.10 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3ea19c97085304577c1b3096d953c0788d2849514a421e6aec1b8643a8107f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
http://st.xrivonet.info/h19.html
Origin
http://st.xrivonet.info

Response headers

Pragma
no-cache
Date
Tue, 17 Apr 2018 00:54:52 GMT
Access-Control-Allow-Origin
*
Content-Type
text/javascript;charset=UTF-8
PopAds-EC
GIID
Cache-Control
private, no-store, no-cache, must-revalidate, no-transform, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
239
/
t.dtscout.com/i/
4 KB
5 KB
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Fst.xrivonet.info%2Fh19.html%2315&j=
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/colored.js
Protocol
HTTP/1.1
Server
69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
no-rdns.ord02.hostingservicesinc.net
Software
/
Resource Hash
ed642e5edf21221631ecb26142081d3b5451497cdc7a1da393f5c90dbc8a7338

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
X-ip
148.251.45.254
Connection
close
Expires
Tue, 17 Apr 2018 00:54:52 GMT
/
whos.amung.us/pingjs/
33 B
236 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=rtnlniviutns&t=RivoRD&c=u&y=&a=0&d=1.863&v=22&r=1684
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/colored.js
Protocol
HTTP/1.1
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
406997216056623afd2edd56cad7b9b9a828f0e3d9e2c9a306fe4ed3dce28b1f

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
/
c.adsco.re/
29 KB
10 KB
Script
General
Full URL
http://c.adsco.re/
Requested by
Host: serve.popads.net
URL: http://serve.popads.net/c?r=1523926492&v=3&siteId=2059451&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Protocol
HTTP/1.1
Server
195.181.174.9 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
bee1a3f6f6ef4dbaf23f1b0a3670638c561a78b7072dfd9209a8832f72daa3f1

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 21:43:47 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5acfd313-73db"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=7200, public
X-Edge-IP
195.181.174.1
Connection
keep-alive
X-Age
4169
Link
<//adsco.re>; rel=preconnect, <//c.adsco.re/xi>; rel=prefetch, <//6.adsco.re/xi>; rel=prefetch
xi
c.adsco.re/
0
0
Other
General
Full URL
http://c.adsco.re/xi
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
195.181.174.9 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Purpose
prefetch
Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Apr 2018 09:35:40 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5ac49c6c-1e0"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/html
Cache-Control
max-age=300, public
X-Edge-IP
195.181.174.1
Connection
keep-alive
X-Age
4
xi
6.adsco.re/
0
0

popunder.gif
schemic.top/
35 B
324 B
Image
General
Full URL
http://schemic.top/popunder.gif
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.84.224.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-224-113.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
public
Date
Tue, 17 Apr 2018 00:54:53 GMT
content-encoding
gzip
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800, immutable
Connection
keep-alive
tc.js
cdn.tynt.com/
15 KB
7 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/colored.js
Protocol
HTTP/1.1
Server
104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 10 Apr 2018 18:36:40 GMT
Server
cloudflare
ETag
W/"5acd0438-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
40caec45b26f63d3-FRA
Expires
Fri, 20 Apr 2018 00:54:53 GMT
/
widgets.amung.us/colwid/
3 KB
4 KB
Image
General
Full URL
http://widgets.amung.us/colwid/?c=ffc20e000000
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
661c696659df6d576a75b9f65e11a05995760c8bc0e4aeec85e00a977bc7d2e7

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Content-Disposition
filename=wau-widget.png
Connection
close
Expires
Wed, 18 Apr 2018 00:54:53 GMT
truncated
/ Frame 13A4
488 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
2689590_492x328.jpg
imgg-cdn.mgid.com/2689/ Frame 13A4
51 KB
51 KB
Image
General
Full URL
http://imgg-cdn.mgid.com/2689/2689590_492x328.jpg
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
54002d7c86bc7a4e5beafe194a40bb41f2ebdc143606ccfbf71afaf6073dab93

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-ID
fr5-up-a245
Date
Tue, 17 Apr 2018 00:54:53 GMT
Last-Modified
Fri, 06 Apr 2018 13:48:17 GMT
Server
nginx
ETag
"5ac77aa1-caba"
X-Cached-Since
2018-04-10T00:12:02+00:00
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51898
Expires
Thu, 10 May 2018 00:12:03 GMT
2596038_492x328.jpg
imgg-cdn.mgid.com/2596/ Frame 13A4
28 KB
29 KB
Image
General
Full URL
http://imgg-cdn.mgid.com/2596/2596038_492x328.jpg
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
d7809947312cce3247a5b5656b603102f06e600cfe0eeb94df06fc6bdb80436f

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-ID
fr5-up-a245
Date
Tue, 17 Apr 2018 00:54:53 GMT
Last-Modified
Fri, 09 Feb 2018 18:37:28 GMT
Server
nginx
ETag
"5a7dea68-708c"
X-Cached-Since
2018-03-22T15:14:00+00:00
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28812
Expires
Thu, 22 Mar 2018 15:13:46 GMT
2479249_492x328.jpg
imgg-cdn.mgid.com/2479/ Frame 13A4
39 KB
39 KB
Image
General
Full URL
http://imgg-cdn.mgid.com/2479/2479249_492x328.jpg
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
459affc4e79ad0bdc1d0472afb422597fbc0536c1d015531c3aeb6b8a901183f

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-ID
fr5-up-gc4
Date
Tue, 17 Apr 2018 00:54:52 GMT
Last-Modified
Fri, 10 Nov 2017 14:16:43 GMT
Server
nginx
ETag
"5a05b4cb-9c19"
X-Cached-Since
2018-03-22T15:09:03+00:00
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39961
Expires
Thu, 22 Mar 2018 15:08:57 GMT
p
ic.tynt.com/b/
35 B
626 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!rtnlniviutns&lm=0&ts=1523926493099&dn=TC&iso=0&t=RivoRD&cu=http%3A%2F%2Fwrivz1.blogspot.com%2F
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.10.3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
Last-Modified
Fri, 16 Apr 2010 15:38:20 GMT
Server
nginx/1.10.3
ETag
"4bc8846c-23"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
35
Expires
"Sat, 26 Jul 1997 05:00:00 GMT"
Z0VlSGtIegY7VikBDj8+MC4jDCotKzIJCC4EMSsnJSkKDDELLiBuHw4hWH5ZVXVSe00XLAF1WkE2ESkfEjZYfllBLAsuBFpjE3VaSXRVZlNXa1VuHxckAnVaQTURPAdadFB6WF53U3xSVHRVcA
schemic.top/
0
139 B
Image
General
Full URL
http://schemic.top/Z0VlSGtIegY7VikBDj8+MC4jDCotKzIJCC4EMSsnJSkKDDELLiBuHw4hWH5ZVXVSe00XLAF1WkE2ESkfEjZYfllBLAsuBFpjE3VaSXRVZlNXa1VuHxckAnVaQTURPAdadFB6WF53U3xSVHRVcA
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.84.224.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-224-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 Apr 2018 00:54:53 GMT
Connection
keep-alive
Content-Length
0
v2
de.tynt.com/deb/
816 B
1 KB
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!rtnlniviutns&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.183 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
e5e2f2ce370be1e8f270a531ed3294d04c1345b419cafb4ccf546aa9b5a998bd

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Content-Type
application/javascript
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
816
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=366790765324629425
95 B
499 B
Image
General
Full URL
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=366790765324629425
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
54.76.173.188 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-173-188.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Apr 2018 00:54:53 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Tue, 17 Apr 2018 00:54:53 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Apr 2018 00:54:55 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
c6709a90-1aed-4e9e-94a6-b7e24a6e7d66
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=366790765324629425
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKVrVRd0OTASjIDmfAg%3D%3D
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKVrVRd0OTASjIDmfAg%3D%3D&redirect=1
43 B
533 B
Image
General
Full URL
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKVrVRd0OTASjIDmfAg%3D%3D&redirect=1
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
34.200.122.167 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-122-167.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

Location
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKVrVRd0OTASjIDmfAg%3D%3D&redirect=1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
nlsn
sync.sharethis.com/
Redirect Chain
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKVrVRd0OTASjIDmfAg%3D%3D&random=1523926493512
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKVrVRd0OTASjIDmfAg%3D%3D&random=1523926493512&xl8blockcheck=1
  • http://sync.sharethis.com/nlsn?uid=171c7323c920d36eca6088f1bd00b13d
42 B
420 B
Image
General
Full URL
http://sync.sharethis.com/nlsn?uid=171c7323c920d36eca6088f1bd00b13d
Requested by
Host: st.xrivonet.info
URL: http://st.xrivonet.info/h19.html
Protocol
HTTP/1.1
Server
18.195.89.79 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-89-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://st.xrivonet.info/h19.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Connection
keep-alive
Stid
ZGAGEVrVRd0AAAATXYjeAw==
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Tue, 17 Apr 2018 00:54:53 GMT
Server
nginx/1.12.2
X-Powered-By
Undertow/1
P3P
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Location
http://sync.sharethis.com/nlsn?uid=171c7323c920d36eca6088f1bd00b13d
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
http://6.adsco.re/xi

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| jstiming function| tickAboveFold object| a string| b string| e string| f string| g function| h string| k object| LieDetector object| atAsyncContainers function| m function| q function| u object| y object| z function| B function| A function| Fingerprint2 number| _299983204 function| C2PxdH4Vik3Ek number| _2752405763 function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser object| builder string| url object| scriptElement object| scriptCFASync object| firstScript function| closeMyAd number| milisec number| seconds function| display string| content object| adParams object| _pop object| ___gcfg function| s3EE object| leca object| Base64 string| popns object| BJPPopAds object| detectZoom object| PopAds object| _pao string| h12precont object| h12_adarray object| _wau function| h12_lets_animate object| __h12jsonobj number| CurScrTop number| CurViewFrameHeight function| view_handler object| closure_lm_295997 function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogListView function| _ContactFormView function| _CustomSearchView function| _ExampleView function| _FeaturedPostView function| _BlogView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _GadgetView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _NewsBarView function| _PageListView function| _PlusBadgeView function| _PlusFollowersView function| _PlusOneView function| _PlusPostsView function| _PollView function| _PopularPostsView function| _ProfileView function| _SlideshowView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| 
_TranslateView function| _VideoBarView function| _WikipediaView object| gapi object| ___jsl object| ___gu string| blogger_templates_experiment_id string| blogger_blog_id function| __gjsload__ string| wau_w_col object| WAU_ren function| WAU_colored function| WAU_r_u function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_cps function| docReady object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| mnr object| cv object| x string| x1 string| x2 object| Tynt object| _33Across function| AdscoreInit

0 Cookies

7 Console Messages

Source Level URL
Text
console-api log URL: http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js(Line 1)
Message:
console.clear
console-api log URL: http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: http://www.bnserving.com/976b0d76d773f5547d37fe90ada4248d/invoke.js(Line 1)
Message:
console.clear
console-api log URL: http://www.bnserving.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js(Line 1)
Message:
in video processor!
console-api log URL: http://www.bnserving.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: http://www.bnserving.com/07dde3e2c5af0db032c8826e3b79914d/invoke.js(Line 1)
Message:
[object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
