newsweeks.net Open in urlscan Pro
166.62.27.179 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/2NhSfay
Effective URL:
http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf...
Submission: On June 30 via api (June 30th 2019, 1:28:47 pm UTC) from BE

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 57 HTTP transactions. The main IP is 166.62.27.179, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is newsweeks.net.

This is the only time newsweeks.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	395224 (BITLY-AS) (BITLY-AS - Bitly Inc)
1 2	193.107.89.150 193.107.89.150	48505 (KYLOS-AS) (KYLOS-AS)
1 5	23.95.199.197 23.95.199.197	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	2606:4700:30:... 2606:4700:30::681b:915f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	66.172.12.145 66.172.12.145	11051 (CYBERVERSE) (CYBERVERSE - Evocative)
1 1	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	166.62.27.179 166.62.27.179	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
43	2606:4700:30:... 2606:4700:30::6818:78ae	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
57	8

1 67.199.248.10 (United States) 1 redirects

ASN395224 (BITLY-AS - Bitly Inc, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.107.89.150 (Poland) 1 redirects

ASN48505 (KYLOS-AS, PL)
PTR: ip-193.107.89.150.kylos.net.pl

wagetotal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.95.199.197 (Buffalo, United States) 1 redirects

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-199-197-host.colocrossing.com

sunflowermax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:915f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

rapid-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.172.12.145 (Los Angeles, United States) 1 redirects

ASN11051 (CYBERVERSE - Evocative, Inc., US)
PTR: ip-66-172-12-145.chunkhost.com

go.kyakte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.149.11 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

beagedure-minalogy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.62.27.179 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-166-62-27-179.ip.secureserver.net

newsweeks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:4700:30::6818:78ae (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.samirpooper.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	samirpooper.club cdn.samirpooper.club	818 KB
5	sunflowermax.com 1 redirects sunflowermax.com	10 KB
4	fontawesome.com use.fontawesome.com	83 KB
2	imgur.com i.imgur.com	14 KB
2	kyakte.com 1 redirects go.kyakte.com	863 B
2	wagetotal.com 1 redirects wagetotal.com	648 B
1	jquery.com code.jquery.com	30 KB
1	newsweeks.net newsweeks.net	10 KB
1	beagedure-minalogy.com 1 redirects beagedure-minalogy.com	1 KB
1	rapid-cdn.com 1 redirects rapid-cdn.com	1 KB
1	bit.ly 1 redirects bit.ly	452 B
57	11

	Domain	Requested by
43	cdn.samirpooper.club	newsweeks.net use.fontawesome.com
5	sunflowermax.com	1 redirects wagetotal.com sunflowermax.com
4	use.fontawesome.com	newsweeks.net use.fontawesome.com
2	i.imgur.com	newsweeks.net
2	go.kyakte.com	1 redirects sunflowermax.com
2	wagetotal.com	1 redirects
1	code.jquery.com	newsweeks.net
1	newsweeks.net	go.kyakte.com
1	beagedure-minalogy.com	1 redirects
1	rapid-cdn.com	1 redirects
1	bit.ly	1 redirects
57	11

This site contains links to these domains. Also see Links.

Domain
beagedure-minalogy.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
sni116223.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-12` - `2019-12-19`	6 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315
Frame ID: 6379C2B128E5C920F5ECD66C5BAE86B8
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/2NhSfay HTTP 301
http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Page URL
http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh?inf=1 HTTP 302
http://sunflowermax.com/clicks?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&s... HTTP 301
http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&... Page URL
http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-13620... Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108156&vert=&cid=... HTTP 307
http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=64897... Page URL
http://go.kyakte.com/match-2805/34315/109977769/1561901313/mf_366fb9a4-d6d6-4f01-b7b2-a57b3a32240... HTTP 302
https://beagedure-minalogy.com/69e7145a-62ac-4120-b608-01153368c7ca?sourceid=ts464-internationalemail-gener... HTTP 302
http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YU... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Page Statistics

57
Requests

88 %
HTTPS

18 %
IPv6

11
Domains

11
Subdomains

8
IPs

3
Countries

965 kB
Transfer

1303 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://beagedure-minalogy.com/click
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/2NhSfay HTTP 301
http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Page URL
http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh?inf=1 HTTP 302
http://sunflowermax.com/clicks?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= HTTP 301
http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Page URL
http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108156&vert=&cid=4740&country=&payout= HTTP 307
http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697 Page URL
http://go.kyakte.com/match-2805/34315/109977769/1561901313/mf_366fb9a4-d6d6-4f01-b7b2-a57b3a322407/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=648971212113738697 HTTP 302
https://beagedure-minalogy.com/69e7145a-62ac-4120-b608-01153368c7ca?sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 HTTP 302
http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/2NhSfay HTTP 301
http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh

Request Chain 1

http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh?inf=1 HTTP 302
http://sunflowermax.com/clicks?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= HTTP 301
http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4=

Request Chain 5

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108156&vert=&cid=4740&country=&payout= HTTP 307
http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697

57 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	1252845sO1362004UX0Cz0DG24yQr41161cjsh Show response wagetotal.com/ Redirect Chain https://bit.ly/2NhSfay http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh	214 B 373 B	456ms 140ms	Document text/html	193.107.89.150 KYLOS-AS
General Check archive.org Show headers Download Go to Full URL http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Protocol HTTP/1.1 Server 193.107.89.150 , Poland, ASN48505 (KYLOS-AS, PL), Reverse DNS ip-193.107.89.150.kylos.net.pl Software Apache / Resource Hash `532ac5212597742e1d5d141a7500fdafe96edaa9449c8f3fbe0519fd954aef34` Request headers Host wagetotal.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 13:28:31 GMT Server Apache Content-Length 214 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Server nginx Date Sun, 30 Jun 2019 13:28:30 GMT Content-Type text/html; charset=utf-8 Content-Length 146 Connection keep-alive Cache-Control private, max-age=90 Content-Security-Policy referrer always; Location http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Referrer-Policy unsafe-url Set-Cookie _bit=j5udsu-2b101145c464042e79-00u; Domain=bit.ly; Expires=Fri, 27 Dec 2019 13:28:30 GMT
GET H/1.1	200 OK	/ Show response sunflowermax.com/clicks/ Redirect Chain http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh?inf=1 http://sunflowermax.com/clicks?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4=	4 KB 4 KB	124ms 124ms	Document text/html	23.95.199.197 ColoCrossing
General Check archive.org Show headers Download Go to Full URL http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Requested by Host: wagetotal.com URL: http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Protocol HTTP/1.1 Server 23.95.199.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US), Reverse DNS 23-95-199-197-host.colocrossing.com Software Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16 Resource Hash `b8954ecbc763f4c6a54e38166638ea745f43a82de199c89f8e9f845bcb26f289` Request headers Host sunflowermax.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://wagetotal.com/1252845sO1362004UX0Cz0DG24yQr41161cjsh Response headers Date Sun, 30 Jun 2019 13:28:32 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By PHP/5.4.16 Content-Length 4282 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Sun, 30 Jun 2019 13:28:31 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 Location http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Content-Length 339 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
POST H/1.1	200 OK	index.php sunflowermax.com/	211 B 451 B	445ms 445ms	XHR text/html	23.95.199.197 ColoCrossing
General Check archive.org Show headers Download Go to Full URL http://sunflowermax.com/index.php Requested by Host: sunflowermax.com URL: http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Protocol HTTP/1.1 Security , , Server 23.95.199.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US), Reverse DNS 23-95-199-197-host.colocrossing.com Software Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16 Resource Hash Request headers Referer http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Origin http://sunflowermax.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 30 Jun 2019 13:28:32 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 Connection Keep-Alive X-Powered-By PHP/5.4.16 Content-Length 211 Keep-Alive timeout=5, max=98 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	/ Show response sunflowermax.com/clicks/	4 KB 4 KB	125ms 122ms	Document text/html	23.95.199.197 ColoCrossing
General Check archive.org Show headers Download Go to Full URL http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Requested by Host: sunflowermax.com URL: http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Protocol HTTP/1.1 Server 23.95.199.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US), Reverse DNS 23-95-199-197-host.colocrossing.com Software Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16 Resource Hash `1b501c1c1eb7b8b51bf0eade4c9e4aee57ad59ff5a066754939570ba73f33167` Request headers Host sunflowermax.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://sunflowermax.com/clicks/?cid=22099&pub=108156&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Response headers Date Sun, 30 Jun 2019 13:28:32 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By PHP/5.4.16 Content-Length 4214 Keep-Alive timeout=5, max=97 Connection Keep-Alive Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	index.php sunflowermax.com/	205 B 445 B	420ms 420ms	XHR text/html	23.95.199.197 ColoCrossing
General Check archive.org Show headers Download Go to Full URL http://sunflowermax.com/index.php Requested by Host: sunflowermax.com URL: http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Protocol HTTP/1.1 Security , , Server 23.95.199.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US), Reverse DNS 23-95-199-197-host.colocrossing.com Software Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16 Resource Hash Request headers Referer http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Origin http://sunflowermax.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 30 Jun 2019 13:28:32 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 Connection Keep-Alive X-Powered-By PHP/5.4.16 Content-Length 205 Keep-Alive timeout=5, max=96 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ts464-internationalemail-general Show response go.kyakte.com/ Redirect Chain http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108156&vert=&cid=4740&country=&payout= http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697	491 B 560 B	457ms 274ms	Document text/html	66.172.12.145 Evocative
General Check archive.org Show headers Download Go to Full URL http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697 Requested by Host: sunflowermax.com URL: http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Protocol HTTP/1.1 Server 66.172.12.145 Los Angeles, United States, ASN11051 (CYBERVERSE - Evocative, Inc., US), Reverse DNS ip-66-172-12-145.chunkhost.com Software nginx/1.6.2 / Resource Hash `68dc6b95f5eb26befd3cf7a2b70c9978d7c007bd60724dd924100bf5831bd4f1` Request headers Host go.kyakte.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://sunflowermax.com/clicks/?cid=4740&pub=108156&prevcid=22099&sid1=1252845&sid2=9b-1252845-1362004-41161-0-0&sid3=&sid4= Response headers Server nginx/1.6.2 Date Sun, 30 Jun 2019 13:28:33 GMT Content-Type text/html Transfer-Encoding chunked Connection close Content-Encoding gzip Redirect headers Date Sun, 30 Jun 2019 13:28:33 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dfb535a86e272e3c641794153d02b55eb1561901313; expires=Mon, 29-Jun-20 13:28:33 GMT; path=/; domain=.rapid-cdn.com; HttpOnly PHPSESSID=lhpbos9tuclnmhf5p5pj3bgkf3; expires=Sun, 07-Jul-2019 13:28:33 GMT; Max-Age=604800; path=/ X-Powered-By PHP/7.0.28 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-Robots-Tag noindex, noarchive, nofollow P3P CP="This is not a P3P policy" Location http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697 set-cookie csid2=lhpbos9tuclnmhf5p5pj3bgkf3; expires=Mon, 29-Jun-2020 13:28:33 GMT; Max-Age=31536000; path=/ PHPSESSID=lhpbos9tuclnmhf5p5pj3bgkf3; expires=Mon, 01-Jul-2019 13:28:33 GMT; Max-Age=86400; path=/ ff-do-ss=node-122002350\|XRi5B\|XRi5B; path=/ Server cloudflare CF-RAY 4ef07be71ba5beb0-FRA
GET H/1.1	200 OK	Primary Request Groom-Invets.html Show response newsweeks.net/Finance-News-GroomInvets/ Redirect Chain http://go.kyakte.com/match-2805/34315/109977769/1561901313/mf_366fb9a4-d6d6-4f01-b7b2-a57b3a322407/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=64897121211373... https://beagedure-minalogy.com/69e7145a-62ac-4120-b608-01153368c7ca?sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07...	48 KB 10 KB	387ms 187ms	Document text/html	166.62.27.179 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Requested by Host: go.kyakte.com URL: http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697 Protocol HTTP/1.1 Server 166.62.27.179 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-166-62-27-179.ip.secureserver.net Software Apache / Resource Hash `fcdc6e15fff5984b61e10a52105837e1191611f96319b39f7c59a4541bd46536` Request headers Host newsweeks.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://go.kyakte.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=648971212113738697 Response headers Date Sun, 30 Jun 2019 13:28:34 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Sun, 10 Mar 2019 15:03:50 GMT ETag "b400835-bef4-583bec385955f-gzip" Accept-Ranges bytes Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 9459 Keep-Alive timeout=5 Content-Type text/html Redirect headers Server nginx Date Sun, 30 Jun 2019 13:28:34 GMT Content-Length 0 Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Location http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Pragma no-cache Set-Cookie 69e7145a-62ac-4120-b608-01153368c7ca-v4=69e7145a-62ac-4120-b608-01153368c7ca;Max-Age=86400;Expires=Mon, 01-Jul-2019 13:28:34 GMT;domain=beagedure-minalogy.com;path=/;HttpOnly cep-v4=tXMceYy4dbwLe6_40aysbZnIJAEb9156_dMfoFuF4kFnGyV-YfUewGIfmZ_4oMe5aEfB876C4v13sCHEpgLzTYMtOUVokCPuY1HP8waIf6enD_0RoStAa7eUFsAWgyh0eU-Yw_gl9l0ZmMjaqAC9NNSnC9kkKOo6xn5Vmxa-9gpQP5JzPraMnCN5GQRdQaqUm003ljqtCKkYFga_prU2hiE7JIVOnm8ppAnKukQ3olSSaMIhjlkavDPbnwADY413snubfh3POpxsP7wSTiRS0iRKSzCpz0nyhobh2njtXc7CaBkz-gHHfWdAqzyD5CEwEYPS8FMaz8WOuJhfrBRciay6H7nXCuy3uRRBxcvC0r_wOLT4Xl3U6p87hujWioaa;Max-Age=86400;Expires=Mon, 01-Jul-2019 13:28:34 GMT;domain=beagedure-minalogy.com;path=/;HttpOnly
GET H2	200	9U7LUQ0ZGY8C.css cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	115 KB 18 KB	220ms 24ms	Stylesheet text/css	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/9U7LUQ0ZGY8C.css Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d7c7e71717664e93c4d9290f158c612d3ac33b44995a350c2d029ddf3702154c` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT content-encoding br cf-cache-status HIT age 1492 x-amz-meta-x-amz-meta-title bootstrap status 200 x-amz-request-id 3C688A222321C491 x-amz-id-2 ZwK3cXESgYObnsxw+pA7JD8O+HIZFnTUcCBzGfM6IOuLSOAvZdxIvx2IW4z8oHQJ/KP2xX5LVtU= last-modified Sun, 08 Jul 2018 08:50:52 GMT server cloudflare etag W/"eb285f87f829061592e3cbbaa9252396" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 4ef07bf28e0a96a4-FRA expires Sun, 30 Jun 2019 17:28:34 GMT
GET H2	200	488ZEA9YA0MV.css cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	990 B 663 B	217ms 22ms	Stylesheet text/css	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/488ZEA9YA0MV.css Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c1604b001ca99ed50994eb1e8f9830ae2139e56acbb1dbd3b7504fec9f45754a` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT content-encoding br cf-cache-status HIT age 1492 x-amz-meta-x-amz-meta-title reset status 200 x-amz-request-id E31AE16547184215 x-amz-id-2 CO7Xr6ULeVyCl3pY/5B2RrigJBFoDAYayJBwoyTg/7AybdjcIf4yn2ajSTtIuaqGvucZVGcfAcY= last-modified Sun, 08 Jul 2018 08:50:41 GMT server cloudflare etag W/"3208fd8c83fef4bb297461ca5d8399ee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 4ef07bf28e0b96a4-FRA expires Sun, 30 Jun 2019 17:28:34 GMT
GET H2	200	CSQFDN9JIF5C.css cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	17 KB 4 KB	220ms 25ms	Stylesheet text/css	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/CSQFDN9JIF5C.css Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7e303891d2b1ab4129f7a38166092f20d03118d93e0ec9a6bbb493a8038c2929` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT content-encoding br cf-cache-status HIT age 1492 x-amz-meta-x-amz-meta-title stylef2ad status 200 x-amz-request-id F369591623B8DFD8 x-amz-id-2 FB7Kb8/WWiiEDeaMglxcbvRyvSgs5We/I5XfBMhQof1V9GseEFQ14gcKyeO6Pc2LdtQGhmHgFlo= last-modified Sun, 08 Jul 2018 08:50:56 GMT server cloudflare etag W/"85983dd9cce641ef81d424aab34e62a2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 4ef07bf28e0c96a4-FRA expires Sun, 30 Jun 2019 17:28:34 GMT
GET H2	200	GD1Z4TBT572L.css cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	37 KB 7 KB	214ms 20ms	Stylesheet text/css	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/GD1Z4TBT572L.css Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `0c1e7b1db7500e29695696c58964bce30dd8b0cf7c34056f04230a16dbd7d6d9` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT content-encoding br cf-cache-status HIT age 1492 x-amz-meta-x-amz-meta-title font-awesome status 200 x-amz-request-id E42BB2CE1094ECBC x-amz-id-2 /G2hoWoDU/ajXOYStuuEkyTPxVNoX4qJA7w61z5hGMm3tsk+g9lOfgeIUYkaFQk4JBaHh6viubo= last-modified Sun, 08 Jul 2018 08:51:03 GMT server cloudflare etag W/"874ddb072745066faf110a3a216d136a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 4ef07bf28e0d96a4-FRA expires Sun, 30 Jun 2019 17:28:34 GMT
GET H2	200	84847ffa3d.js Show response use.fontawesome.com/	9 KB 4 KB	151ms 20ms	Script text/javascript	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/84847ffa3d.js Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `9be1dae4c7265d92bea2caf56299114e558cbd9b98f218094c0623b855373be8` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT content-encoding gzip last-modified Fri, 19 Aug 2016 01:05:15 GMT server NetDNA-cache/2.2 x-amz-request-id 55337BBBF79C73F2 etag W/"38b518382d4d0b6cd0d9a27ad477448e" x-cache HIT content-type text/javascript status 200 cache-control max-age=0, private, must-revalidate x-amz-id-2 CsRkLnyLWGj34xFcvoQW/HQWEHM5tIbacjWv01BkoTY1KW7RgKKGCaMoVYQN5MYqpiEjP1fNiOw=
GET H2	200	2DHQKS3XJ2U6.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	912 B 1 KB	131ms 18ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/2DHQKS3XJ2U6.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `244b13e2802632ca2c7ec80f1b3d1d25662a697477950223a51efbd202671c40` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 912 x-amz-id-2 thAniQStXOvNWVEvKRCt/VlwuOI3FJwSIjfx3IoL7qOLbf3aC/GUP0Ox9K/PDWV8EzMQ7xSAQX4= last-modified Sun, 08 Jul 2018 08:50:38 GMT server cloudflare etag "fc96ae1c5bde72df80517830f15c725f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id E67E5ECBFFA2DB4D cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf28e0f96a4-FRA expires Sun, 30 Jun 2019 17:28:34 GMT
GET H2	200	D42F46ZYL5YM.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	297 B 492 B	141ms 29ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/D42F46ZYL5YM.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `79e06b3f7595bd8ba6142b7a39c6dadf50cb4d4e1e84a9af0e856a1212b13eab` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:34 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 297 x-amz-id-2 L55Aj/5toUJKIfQME1puxPZ99H48fK20FAGrGybB8bf6PMfU+fDslsA4baW7eBVQaIi91SWkvz8= last-modified Sun, 08 Jul 2018 08:50:57 GMT server cloudflare etag "54a93f43b187c8372ef90089483811ae" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 26BB095F5D84EEA8 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf28e1096a4-FRA expires Sun, 30 Jun 2019 17:28:34 GMT
GET H2	200	Y5W1YTY96QUK.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	24ms 16ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/Y5W1YTY96QUK.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d36c02dee9e1e7aea6848514ee2101401e67091bec3e90ffda309ce8e4a020f0` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 2041 x-amz-id-2 2eX+HL48ckVV5quIuiA5V5QXe+jF5O50zl5Aqf7hxVPL8H8p1PPv6ngc8cxdLosSwSnAuzlO7hA= last-modified Sun, 08 Jul 2018 08:51:36 GMT server cloudflare etag "762544bde845c0eab53810b6253dfaa2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id FB6C907B24CE1004 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f5796a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	MM65WC6NJ5OZ.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	33 KB 33 KB	68ms 60ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/MM65WC6NJ5OZ.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d986f3c3eed448af16715da6fae9015a7124548411faaf7d7b876adf9a27b3db` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 33507 x-amz-id-2 PGBqH87lTGJ91TD33RK5BroueYgbZvI9zHdNrtIysLiLfSrhKXExX7NIhQJBg8kisluttO/Gjk8= last-modified Sun, 08 Jul 2018 08:51:14 GMT server cloudflare etag "09b770f0fef7e2a98c8ffb747d436117" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id B00C787D3DBE2D11 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f5a96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	BYUWNZ0F60D6.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	4 KB 5 KB	69ms 62ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/BYUWNZ0F60D6.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `de793b33f9f2118d651ce2a11334beffb4d18601d47d656029792c04329e2c76` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 4461 x-amz-id-2 PtY5S1Kun8gnpI9+F1hVdVGB+XPwoFT1c/GZxlG2CVm7EcBhnGz5narFrV+SsvjJKqa3ysDuf8I= last-modified Sun, 08 Jul 2018 08:50:55 GMT server cloudflare etag "5abd9e239411b2513c71ca8eeefb7e7a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 2A1FC68735D5468D cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f5d96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	KAGF5I4VGMQ7.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	159 KB 159 KB	165ms 157ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/KAGF5I4VGMQ7.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `684b8492272a844993723a7ddb1e2b373d078afeb5140129a51eb05333e56529` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 162572 x-amz-id-2 5wC/YBLzQjUcme3h7VVamJCxWrMBeM++v3ogZSMlWwspJ6luhin6mfLlobMFVuYp5KMVTGbf6P0= last-modified Sun, 08 Jul 2018 08:51:10 GMT server cloudflare etag "d6da23299975be1bb23c31eec4a3d371" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id F18C6B9619CAEF6C cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f5f96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	09PLCTAZ6766.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	29 KB 29 KB	70ms 63ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/09PLCTAZ6766.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `bac134cb6ea5cf5373799a4f0c2f03112f0cb833ce836a80004bced4408596df` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 29246 x-amz-id-2 1JC2JeKn8iqa1A5+v0K2mjovZEVNHb3D/KoYgmptm20B0Ux1tLYkiY6lmXubD4NHgld9C7qBgtM= last-modified Sun, 08 Jul 2018 08:50:34 GMT server cloudflare etag "289daabd9cda34048d6a6a11cc80e224" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id DBEBDF46330786B4 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6396a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	WR23DRHEKMF2.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	28 KB 28 KB	73ms 66ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/WR23DRHEKMF2.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `80efff5fdd714454fcc58c5278a82556bbf0f33e6fb6f8d678400621fbd1d7e1` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 28266 x-amz-id-2 FKl14G/5kJGAwKyq+OhYD/oYZs0Mt3iB4A02CqD2ic1pbJYItS4a1DdQmY96Vt8VrWOAoGZCDEY= last-modified Sun, 08 Jul 2018 08:51:34 GMT server cloudflare etag "75276dcddd0eff36cd759fe19b495d4f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 8E8713BC9D625A88 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6696a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	YWKZNU0WX7S1.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	322 KB 322 KB	76ms 69ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/YWKZNU0WX7S1.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `9e9b63a7f162e26353cd027cb9117c7b9577a73571abbb9c39453efb6854fe6d` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 329327 x-amz-id-2 aXkAv006CdtvBxbOGnAvcU3rSSwqC6mfzfpT03QrzoOWKYi1VA5k+YCNrPcKXGmKDcGvSFsgt5c= last-modified Sun, 08 Jul 2018 08:51:37 GMT server cloudflare etag "24fd17ef357a1b1877044acdeb783ec6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id E8DB0EA045EA50B4 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6896a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	45Y80L0RU5MD.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	115 KB 115 KB	78ms 71ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/45Y80L0RU5MD.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b27f2764b9d13bf19d1a163121239857282082b849a34bb62a45449f4248e323` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 117445 x-amz-id-2 Di+hEzjRJV+lSviNMRPDbtWAR+pbp75eCc5FN0Da6byJbMPNOV5sOI3mwrSuGWCrX1cezMs05WE= last-modified Sun, 08 Jul 2018 08:50:41 GMT server cloudflare etag "a764ad27f3b20eef6047fa0e8f5a8727" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 217C10B18ECF0F36 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6996a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	wDauJad.gif i.imgur.com/	4 KB 4 KB	462ms 96ms	Image image/gif	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/wDauJad.gif Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash `0efcad6b654b9bd60f8bcbea6508c285ffc0cac98cbb8c8ab3fc24b4778d0752` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT age 2342730 x-cache HIT, HIT status 200 content-length 3723 x-served-by cache-bwi5123-BWI, cache-hhn4071-HHN last-modified Thu, 26 Apr 2018 13:34:58 GMT server cat factory 1.0 x-timer S1561901315.466764,VS0,VE1 etag "0e41fe712754c3919a1b2b725aedb0a8" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	L6QJHYAYHNQF.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 3 KB	79ms 72ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/L6QJHYAYHNQF.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7e5525908ee7ec23615e4285a68f350c16425048714ec50634d447635a5874a8` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2369 x-amz-id-2 gZ2QfEUoeL1OI9Zobe3SPKmMnGUeoYtNqiilzj8LIfIjI/g6Csl/RHx3YNFc82pVZ+dZCHC5VAg= last-modified Sun, 08 Jul 2018 08:51:11 GMT server cloudflare etag "9a287b0f4b71492a853b7f500084376d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 5695965F9BC6AA79 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6a96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	T2EW3FX12NKI.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	79ms 74ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/T2EW3FX12NKI.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d3249a909b8945ef7c04e2583df2f67416f3a09e5b4e58683af1dc8bc6be6886` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2203 x-amz-id-2 raX8cyvBLEwPdryYaTFtyBEb9UDffzZ35QQCUOXPv2GoDPzaN764qqJtSklCnG62IJoxq5OzPOY= last-modified Sun, 08 Jul 2018 08:51:27 GMT server cloudflare etag "034c3ac904110dbbb7310bf789fb1308" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 617B7B242E55ACA7 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6c96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	F922S6ZHFXQP.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	80ms 75ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/F922S6ZHFXQP.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b706e60bc13b393fab7ffa62fa4d17a7d601b45d3b6944c4d62dd60e2b895823` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2266 x-amz-id-2 SPNhbWSHHB2YhPZ37YY7NlsNKEJUVPzP0dziDXIB+vPh/7lYukrxcGFh/I0IpfI4FnuLnKOVgIk= last-modified Sun, 08 Jul 2018 08:51:01 GMT server cloudflare etag "2f33d19f21c7b59ac7b97a0b90f6fecc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id B3E8122B0EFEB4FA cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f6d96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	P6HXVPD6NU9P.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 3 KB	167ms 162ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/P6HXVPD6NU9P.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1936808ae4190a7594bd2c1352710814c561acfdf8d5cc78c757aa3c4097ae3b` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2437 x-amz-id-2 f/lSqgvmEja2GD5HLphBOAqqm318L63kAoWUBPV9nt3w0mnD2oAaVvcsQG3I+nTWRuFZ8IjtpKA= last-modified Sun, 08 Jul 2018 08:51:18 GMT server cloudflare etag "79779b7bb017ee36ea186e35df070c5a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id ABFF5FFFCF8AA623 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7296a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	G4gI9q2.gif i.imgur.com/	10 KB 11 KB	394ms 29ms	Image image/gif	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/G4gI9q2.gif Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash `4e83e0511fd3e5677a4554c36d5845b4ceeb7af7a26d92689da0c3224eda1ac9` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT age 1571006 x-cache HIT, HIT status 200 content-length 10570 x-served-by cache-bwi5125-BWI, cache-hhn4071-HHN last-modified Thu, 26 Apr 2018 13:34:57 GMT server cat factory 1.0 x-timer S1561901315.466772,VS0,VE0 etag "59bf521d770f1628336e57f6363548ce" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2015
GET H2	200	1DQU0WK3V2YU.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	81ms 76ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/1DQU0WK3V2YU.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7ec043f47b278ee961e7659a4a96a0de5cb616624b55d25a53dd6e0dcc3e6528` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2274 x-amz-id-2 1criyawFVRHPF3gfNIKxx1fgHLFjD7QG/N5H3He6x6OmsxmtKd3eAMeUp1biBlc+96Q8I6L+jpA= last-modified Sun, 08 Jul 2018 08:50:36 GMT server cloudflare etag "a707ff935ea896bc955a574788abfa24" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id C021900A2138F6E7 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7596a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	E7HIYXAFRMSI.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	81ms 77ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/E7HIYXAFRMSI.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b7b29a73e9e3856ab5c746bf34ad175d3a29fcfa08efc794660a930ac2194f37` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2043 x-amz-id-2 fp3W8AISrZDJUhXGDZagB8MFl4F/ziFdt1f2PrVYwzUPLWC376aIW5V1DLoBYUFvJbb2yJvE7Wk= last-modified Sun, 08 Jul 2018 08:50:59 GMT server cloudflare etag "68c6fc6a2c5281bf1c2cbe9b742d6b32" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id D643B493E9258CD7 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7796a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	4KD8RFI8TTAP.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	89ms 85ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/4KD8RFI8TTAP.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3045418a62af5d647581d1269996a6c5d54388bb03427d06ca2be15503a6d4af` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2214 x-amz-id-2 rdRGPdoTKo+lAVtD3bpnqFj9W/ufQMkXo5+BsPZH3szXcMdwey2lWiagsbB0QYRe2mBWPT9wHd4= last-modified Sun, 08 Jul 2018 08:50:42 GMT server cloudflare etag "748333e2d587640819463450348228b5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 8991A9D7524DC895 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7896a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	75VE9OHDX96B.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	82ms 77ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/75VE9OHDX96B.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `efd2ce021f8f876bcb3d6fdb07a496ddf6c62863bb525ab09cf3e2b805e02c84` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2204 x-amz-id-2 wcTzO2MnWVTiBIeJZ2nmFuBLfUKu8nJIoAHC3gURADo3ILRyENHvgM6VG63OS2AjeM7w/oxbwH8= last-modified Sun, 08 Jul 2018 08:50:47 GMT server cloudflare etag "302b768c15dee03a13a0d1bd4aa57bf9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id F30098C88A50B6DE cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7996a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	B859P6CEX6JK.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	91ms 86ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/B859P6CEX6JK.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d60bb159f18ba4d1d25f4a1e3a34c6c73ef38fce055289c257bdb3b39aaed819` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 1949 x-amz-id-2 PJeZaVguiWNVbvHt/DuiTfu8lg7cgA5BX1UthvE18GqDZCj+HrtsZ3taV+YhTx+5Ozk+LLkmNNY= last-modified Sun, 08 Jul 2018 08:50:54 GMT server cloudflare etag "94f0c68b86a4eac626e220b880bbc5af" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id DCBD92835A86BF70 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7a96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	KL5OCEGGIWR1.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	84ms 80ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/KL5OCEGGIWR1.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3acf7a898383a6eba1b8a1c91ba7a3bfe1fa6ad698e98c5f9c7218ce85b360d9` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1399 status 200 content-type image/jpeg content-length 2291 x-amz-id-2 EI8A6XlrrMIdalBpNsav/U7bwJHArLDCQAOh6QBxSZCGhxAwu+eKAX4XEjR7rcz3Jz6T33PANPc= last-modified Sun, 08 Jul 2018 08:51:10 GMT server cloudflare etag "a18ee5f28d9e76f9f7925a6172187603" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id E89AFAAC01DCD032 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7b96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	5HOHARI6DC38.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	83ms 79ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/5HOHARI6DC38.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `46c682794169f608b2ee59ee41362c4e8b7860fa84136b6672f5730eff5852b3` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 1807 x-amz-id-2 qY+QJwr4+HQmlbVXRJeNLJplXygbMfI6/DRfQ1CoHa7TpoY7KPfOWqK2FwyHqBEYJ8LNBeSmX8s= last-modified Sun, 08 Jul 2018 08:50:44 GMT server cloudflare etag "e04e2969fd45067147164c8e4af9e5c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id C5211974F8051592 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f7e96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	Y1GTBQXG1ZK7.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	91ms 87ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/Y1GTBQXG1ZK7.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e4d3030130a0e6c81245ef24fe656c096f564c0b16357566d15f8ff2eeb2e228` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2014 x-amz-id-2 l/4lAoeTSffJcub3zcnBsxLMmiDqOXnmFL66CNOhdbb7ISRgbpwwb47zUaFu8QwJiSifYwScRt0= last-modified Sun, 08 Jul 2018 08:51:36 GMT server cloudflare etag "2aa8a111c6eefc66e6f9c77a23e8ecbc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 8E900E5EFC55D954 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8096a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	3UKG08PFIE1O.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	8 KB 8 KB	82ms 79ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/3UKG08PFIE1O.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `668694721a87729665ad24ffd5619dcbc3afa26e2fa235ed19b06977098d2cef` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 8324 x-amz-id-2 Z4kOQoT3gtXoMDQf6oJbMj9RKyu2e/3p0FXO8nbcbDKv/GxoGq9wppa+zfGEHe6msYBrftTJgJs= last-modified Sun, 08 Jul 2018 08:50:40 GMT server cloudflare etag "0e62677b68e2792f3cd1cbf356f43ac1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 7D73612AE91F7CBF cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8196a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	1TLCAZ0SJ2S7.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	363ms 360ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/1TLCAZ0SJ2S7.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1cb45277a924d2dc27a04670b277e6789e941e5bda4a09e998534ff2f471ee18` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2280 x-amz-id-2 sBXmyoHYivbjmNzznv0EU5JdBgD1ihu/KY5P7QF/fEV3sNMcjlANoIRwDRVwAU1IhVlFiu5RZiI= last-modified Sun, 08 Jul 2018 08:50:37 GMT server cloudflare etag "a3dd8daa95628088981c7f6d80ac3546" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id CA10A9C7482CE928 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8396a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	CNGY5T8KXVMD.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	86ms 83ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/CNGY5T8KXVMD.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c1c0ce8d2aa837415a469d7b8fb55f11ba81a214b1353abc3ac5c5aec1a7f908` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2225 x-amz-id-2 DL5ORfKsW823Ls9puStqrOws22s97yQRa7mRUs0rO2mye7+OGGShsph4HOk5xwRneK72Oeflbn8= last-modified Sun, 08 Jul 2018 08:50:56 GMT server cloudflare etag "781f96ba3cbad71ec028e0d78303c269" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 9FFD09492E85D267 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8496a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	JHYR1DTZPOVI.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	161ms 159ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/JHYR1DTZPOVI.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `efd2f96ae3e57aa3d7fd473e6941556223bb23ce177c89dfff9ea0e60d8c0875` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2082 x-amz-id-2 vakhk2LWrvLcPNFKd4fm00Y2MDJl9l0t2F1irPDWmPqNEIgYqU8qJ5BBrR5WWedtV0MiFyVAF0Q= last-modified Sun, 08 Jul 2018 08:51:08 GMT server cloudflare etag "c9e41cbd351cceda0cbd50ee646f98f3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id E9F5CD6D1CCA8989 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8696a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	JS7AT5SB4IMT.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	85ms 82ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/JS7AT5SB4IMT.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c290964f0205b74246704162b54b7a223286f1ca4f5b851276c17ab38c918cb2` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2060 x-amz-id-2 /T21xzxwvv0O3ThtqrBPfaACjzsCuemB9tB3yGXmbW/5/SjvQ1fydGuW3RMcYmrjaGfETAYtY5s= last-modified Sun, 08 Jul 2018 08:51:09 GMT server cloudflare etag "54196621dbf71933e58eb0c741c14093" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 000B63ABFB261B41 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8796a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	FCAEIAUK3FWW.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	84ms 81ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/FCAEIAUK3FWW.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `155de31bca763f11353524361f207f029ab33367a28e6c488b9b7522aac7d52f` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2027 x-amz-id-2 3wtiBlB1vyz+xV8V6B8iWESCQZl6zdN7HMKTjcneR2X9yCpBu8Z/iK1QI+qX3NhtKVv/duWi+1Y= last-modified Sun, 08 Jul 2018 08:51:01 GMT server cloudflare etag "242de4e4ce746286d3a51bf27be5659e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 471A824DDC45ECEB cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8896a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	S54BYKOMC8LM.jpg cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	2 KB 2 KB	163ms 160ms	Image image/jpeg	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/S54BYKOMC8LM.jpg Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c2d94f8212b0f52cb07f8b554d15c0c7a8378246d19b4092cf151bb6ea4aa979` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/jpeg content-length 2162 x-amz-id-2 Qr2bjfx6uO8Boh5SM96l+Xt5xmzahFi0ZqSw3xWNQ+AirsC8YEf57Hj1WaPfRh8IpZGiPh3e0W8= last-modified Sun, 08 Jul 2018 08:51:25 GMT server cloudflare etag "1a512c264441d8996d98f5ea3019959b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id F4D6FBEDA7DBECB0 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8a96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	A8ZGPI61VHY4.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	145 B 337 B	165ms 163ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/A8ZGPI61VHY4.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `8367ae9bd5863111131893b199cf0c12d7f26edc07a59d103d1d973134e47b59` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 145 x-amz-id-2 NarHNs0aoz/ybUX+xNTQHnd/NTjMV51vLbOAhYaoGfCU+1AR0xxzAAvJVJKcqTD3gCR4t1Btm5c= last-modified Sun, 08 Jul 2018 08:50:52 GMT server cloudflare etag "356109e572e48dcb23c0573afbeaafef" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 893422215003ACC4 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8b96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	ZAKI4OOEGQG0.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	186 B 381 B	166ms 164ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/ZAKI4OOEGQG0.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ad0f9f178b951fa85cba297c4e91579dc9269c7eb81e8fa6abda2004382fb644` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 186 x-amz-id-2 BBVzTXPzR8PtlibVS9eB2Ek2JZYxAWX+76yYqgvUXwIuD2X39BifI2ZbqF0CfCzAVbREU2+yBxo= last-modified Sun, 08 Jul 2018 08:51:38 GMT server cloudflare etag "78d361cb69d0ad2ce15ab0a0e98ffdb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 03418163AD5DD288 cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8e96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	4H0JPV91E863.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	351 B 656 B	163ms 161ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/4H0JPV91E863.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `893e53e9ff154117a409c6e4f5a68487cea13e361d8c75f68a69fc8757f60183` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 351 x-amz-id-2 VWp2dl9JBEBMJW4EN6bTosY5ZAl72FzZO8cXheZDQy+Y2gERK4qb3fRL+LpDIVyhIJj3GqRmKGw= last-modified Sun, 08 Jul 2018 08:50:42 GMT server cloudflare etag "bb289c39269ee24b327b6f2fd42a1c48" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 6F423E4F5D74658B cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f8f96a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	FKUWLI92WZ3A.png cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	342 B 592 B	161ms 159ms	Image image/png	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/FKUWLI92WZ3A.png Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `bb6c99198031f909b05e820c81e18b026f63967576f91bb7ed9d0d2b092a707f` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT cf-cache-status HIT age 1492 status 200 content-type image/png content-length 342 x-amz-id-2 dLh9Jqyzlx2RXvKuXKyLWUpqTzAp4Z4RxHalKgbp2MQt1rv+tXS5BqZMnogfRNhkVzbLm5aJCWU= last-modified Sun, 08 Jul 2018 08:51:02 GMT server cloudflare etag "fbe756f9649647c58663aa370277e6d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id DC8BC114A127791A cache-control public, max-age=14400 accept-ranges bytes cf-ray 4ef07bf35f9096a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	383K189AU2T5.js Show response cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	95 KB 32 KB	56ms 54ms	Script application/javascript	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/383K189AU2T5.js Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f89eaecc1bc796ffe319e14ed64b0494dcbbbb5038c436709ebb01dd6774dd65` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding br cf-cache-status HIT age 1493 x-amz-meta-x-amz-meta-title jquery-1 status 200 x-amz-request-id 2370E92C09A29A03 x-amz-id-2 knAleq9+EgvHC2mAbBhupbfyu4KMEPc2kcX89FxgpNhaE9DUnQ73I1o0DM9fJkBp1UngQ8LyY3I= last-modified Sun, 08 Jul 2018 08:50:39 GMT server cloudflare etag W/"406ad3d25143d1425a105cec821433db" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 4ef07bf2ce7396a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	VC37MYGKZ0YM.js Show response cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	36 KB 10 KB	23ms 22ms	Script application/javascript	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/VC37MYGKZ0YM.js Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `49315ad411e544cf3fbca2078a5978545caa87c029a8066321a35a56c8dbf552` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding br cf-cache-status HIT age 4679 x-amz-meta-x-amz-meta-title MS_135 status 200 x-amz-request-id AA5CA03CB418AE9B x-amz-id-2 MFTvFyHRzmtwXVGwwGMbmw/N6cAE4NCf4EZDF9mMZ5wqiBzBBPEBIdsZWIRTuMteuqamhHqvf10= last-modified Sun, 08 Jul 2018 08:51:31 GMT server cloudflare etag W/"534b72a886bec425f479a3a6602956df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 4ef07bf2ce7496a4-FRA expires Sun, 30 Jun 2019 17:28:35 GMT
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	389ms 22ms	Script application/javascript	205.185.208.52 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip052.ssl.hwcdn.net Software nginx / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 13:28:35 GMT Content-Encoding gzip Last-Modified Sat, 20 Jan 2018 17:26:44 GMT Server nginx ETag W/"5a637bd4-1538f" Vary Accept-Encoding X-HW 1561901315.dop020.am5.shc,1561901315.dop020.am5.t,1561901315.cds115.am5.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 30288
GET H2	404	fontawesome-webfont3e6e.woff2 cdn.samirpooper.club/fonts/	0 0	368ms 286ms	Font text/html	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/fonts/fontawesome-webfont3e6e.woff2?v=4.7.0 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/84847ffa3d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/GD1Z4TBT572L.css Origin http://newsweeks.net Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding br cf-cache-status EXPIRED server cloudflare x-amz-request-id F4936557BBA6745F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, HEAD content-type text/html; charset=utf-8 status 404 cache-control public, max-age=14400 cf-ray 4ef07bf3cbb027a8-FRA access-control-allow-origin * x-amz-id-2 V/S8gPCBYnV2xoKWcHRE/CG3dNTP+MEaPhx1e+mdLYPd2PzrxkonwKyquUAvQsjeFB1ToPLumrg= expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	84847ffa3d.css use.fontawesome.com/	1 KB 685 B	89ms 84ms	Stylesheet text/css	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/84847ffa3d.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/84847ffa3d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `c2533417aaebc1d0690d986b3331ce2cd6ccd6ddc7a8f0e24930b7e686f97507` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding gzip last-modified Fri, 19 Aug 2016 01:05:15 GMT server NetDNA-cache/2.2 x-amz-request-id E031A8FFD87FCEC7 etag W/"504a1421043b4149589a71edc1ed0ef9" x-cache HIT content-type text/css status 200 cache-control max-age=0, private, must-revalidate x-amz-id-2 1bOoQithMx9ENEjkxxaId9agBYj8dKFIJe8GKVOswAsh0fm8wOuNlw62mJyhF+MZSm6uYQg1mFk=
GET H2	404	files_like.html cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/	0 0	212ms 210ms	Image text/html	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/files_like.html Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/CSQFDN9JIF5C.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.6.3/css/	28 KB 7 KB	73ms 73ms	Stylesheet text/css	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5` Request headers Referer http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding gzip last-modified Thu, 12 May 2016 16:47:01 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"7937bc10f6c59ceed1ff6e6bbebfcd8d" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H2	404	fontawesome-webfont3e6e.woff cdn.samirpooper.club/fonts/	0 0	218ms 218ms	Font text/html	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/fonts/fontawesome-webfont3e6e.woff?v=4.7.0 Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/GD1Z4TBT572L.css Origin http://newsweeks.net Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding br cf-cache-status EXPIRED server cloudflare x-amz-request-id 414FFE51DEFF63F8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, HEAD content-type text/html; charset=utf-8 status 404 cache-control public, max-age=14400 cf-ray 4ef07bf6dda327a8-FRA access-control-allow-origin * x-amz-id-2 Jvmz8G615vm1wxP8EnlTHvIb1waSmfdXDc6WG4oEG2yoDu8q1qWi5fdV1FVFu7WyLUuPllmaRWY= expires Sun, 30 Jun 2019 17:28:35 GMT
GET H2	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.6.3/fonts/	70 KB 71 KB	99ms 58ms	Font application/octet-stream	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2 Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://use.fontawesome.com/84847ffa3d.css Origin http://newsweeks.net Response headers date Sun, 30 Jun 2019 13:28:35 GMT content-encoding gzip last-modified Thu, 12 May 2016 16:47:01 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"e6cf7c6ec7c2d6f670ae9d762604cb0b" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/octet-stream status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H2	404	fontawesome-webfont3e6e.ttf cdn.samirpooper.club/fonts/	0 0	206ms 205ms	Font text/html	2606:4700:30::6818:78ae Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.samirpooper.club/fonts/fontawesome-webfont3e6e.ttf?v=4.7.0 Requested by Host: newsweeks.net URL: http://newsweeks.net/Finance-News-GroomInvets/Groom-Invets.html?cep=Dwij9Nz8zX49mPcXnQ1yB2-Mny5YUaoi2PsfbqbXQJ08ME3Bf6tpp4X6BuIbaDrQ3N872FHbPMCS6rFqQGEn8qHG17hwuZmNsVv6dKzUBNU5weAs16vXEk2txAvX-oM07wae67aO_FiemFz3raAWTY3oi-zIqy8mSvx9MbgurLjB3QT6DOsP5sy3NqrQQJWq2BMDzJ7WKCwOoO7UFBemQWApghMh1F7coZQqgd8L28ShfkZlfdymiNnCQhIpprms2U6_K6jNlQmM1zjNnsMswpLvC6r_hOxBKK-9p3Gss_PRwrMZw8s0sT0fHnkC36BlFeksOpvtB7cTwUdljNchzlFqz7qfEr6hUtdVh4tFyGpeON87rgOtihSO6BIPd8mS&sourceid=ts464-internationalemail-general&campaignid=34315&clickid=1561901314.05-109977769-34315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6818:78ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://cdn.samirpooper.club/ad5dfcf21311478a28f179b688ac9734/GD1Z4TBT572L.css Origin http://newsweeks.net Response headers date Sun, 30 Jun 2019 13:28:36 GMT content-encoding br cf-cache-status EXPIRED server cloudflare x-amz-request-id F1637B74FB9AA146 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE, HEAD content-type text/html; charset=utf-8 status 404 cache-control public, max-age=14400 cf-ray 4ef07bf85e7c27a8-FRA access-control-allow-origin * x-amz-id-2 c8JUcLXFXP2U1sgEm4jv1XHjTBsyuv7uJZroiDhjKPF1Q4JHYLr4uO9di+PYQ+AWFV8B+rjfcK0= expires Sun, 30 Jun 2019 17:28:36 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beagedure-minalogy.com
bit.ly
cdn.samirpooper.club
code.jquery.com
go.kyakte.com
i.imgur.com
newsweeks.net
rapid-cdn.com
sunflowermax.com
use.fontawesome.com
wagetotal.com
151.101.112.193
166.62.27.179
18.195.149.11
193.107.89.150
205.185.208.52
23.111.9.35
23.95.199.197
2606:4700:30::6818:78ae
2606:4700:30::681b:915f
66.172.12.145
67.199.248.10
0c1e7b1db7500e29695696c58964bce30dd8b0cf7c34056f04230a16dbd7d6d9
0efcad6b654b9bd60f8bcbea6508c285ffc0cac98cbb8c8ab3fc24b4778d0752
155de31bca763f11353524361f207f029ab33367a28e6c488b9b7522aac7d52f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1936808ae4190a7594bd2c1352710814c561acfdf8d5cc78c757aa3c4097ae3b
1b501c1c1eb7b8b51bf0eade4c9e4aee57ad59ff5a066754939570ba73f33167
1cb45277a924d2dc27a04670b277e6789e941e5bda4a09e998534ff2f471ee18
244b13e2802632ca2c7ec80f1b3d1d25662a697477950223a51efbd202671c40
3045418a62af5d647581d1269996a6c5d54388bb03427d06ca2be15503a6d4af
3acf7a898383a6eba1b8a1c91ba7a3bfe1fa6ad698e98c5f9c7218ce85b360d9
46c682794169f608b2ee59ee41362c4e8b7860fa84136b6672f5730eff5852b3
49315ad411e544cf3fbca2078a5978545caa87c029a8066321a35a56c8dbf552
4e83e0511fd3e5677a4554c36d5845b4ceeb7af7a26d92689da0c3224eda1ac9
532ac5212597742e1d5d141a7500fdafe96edaa9449c8f3fbe0519fd954aef34
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
668694721a87729665ad24ffd5619dcbc3afa26e2fa235ed19b06977098d2cef
684b8492272a844993723a7ddb1e2b373d078afeb5140129a51eb05333e56529
68dc6b95f5eb26befd3cf7a2b70c9978d7c007bd60724dd924100bf5831bd4f1
79e06b3f7595bd8ba6142b7a39c6dadf50cb4d4e1e84a9af0e856a1212b13eab
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e303891d2b1ab4129f7a38166092f20d03118d93e0ec9a6bbb493a8038c2929
7e5525908ee7ec23615e4285a68f350c16425048714ec50634d447635a5874a8
7ec043f47b278ee961e7659a4a96a0de5cb616624b55d25a53dd6e0dcc3e6528
80efff5fdd714454fcc58c5278a82556bbf0f33e6fb6f8d678400621fbd1d7e1
8367ae9bd5863111131893b199cf0c12d7f26edc07a59d103d1d973134e47b59
893e53e9ff154117a409c6e4f5a68487cea13e361d8c75f68a69fc8757f60183
9be1dae4c7265d92bea2caf56299114e558cbd9b98f218094c0623b855373be8
9e9b63a7f162e26353cd027cb9117c7b9577a73571abbb9c39453efb6854fe6d
ad0f9f178b951fa85cba297c4e91579dc9269c7eb81e8fa6abda2004382fb644
b27f2764b9d13bf19d1a163121239857282082b849a34bb62a45449f4248e323
b706e60bc13b393fab7ffa62fa4d17a7d601b45d3b6944c4d62dd60e2b895823
b7b29a73e9e3856ab5c746bf34ad175d3a29fcfa08efc794660a930ac2194f37
b8954ecbc763f4c6a54e38166638ea745f43a82de199c89f8e9f845bcb26f289
bac134cb6ea5cf5373799a4f0c2f03112f0cb833ce836a80004bced4408596df
bb6c99198031f909b05e820c81e18b026f63967576f91bb7ed9d0d2b092a707f
c1604b001ca99ed50994eb1e8f9830ae2139e56acbb1dbd3b7504fec9f45754a
c1c0ce8d2aa837415a469d7b8fb55f11ba81a214b1353abc3ac5c5aec1a7f908
c2533417aaebc1d0690d986b3331ce2cd6ccd6ddc7a8f0e24930b7e686f97507
c290964f0205b74246704162b54b7a223286f1ca4f5b851276c17ab38c918cb2
c2d94f8212b0f52cb07f8b554d15c0c7a8378246d19b4092cf151bb6ea4aa979
d3249a909b8945ef7c04e2583df2f67416f3a09e5b4e58683af1dc8bc6be6886
d36c02dee9e1e7aea6848514ee2101401e67091bec3e90ffda309ce8e4a020f0
d60bb159f18ba4d1d25f4a1e3a34c6c73ef38fce055289c257bdb3b39aaed819
d7c7e71717664e93c4d9290f158c612d3ac33b44995a350c2d029ddf3702154c
d986f3c3eed448af16715da6fae9015a7124548411faaf7d7b876adf9a27b3db
de793b33f9f2118d651ce2a11334beffb4d18601d47d656029792c04329e2c76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d3030130a0e6c81245ef24fe656c096f564c0b16357566d15f8ff2eeb2e228
efd2ce021f8f876bcb3d6fdb07a496ddf6c62863bb525ab09cf3e2b805e02c84
efd2f96ae3e57aa3d7fd473e6941556223bb23ce177c89dfff9ea0e60d8c0875
f89eaecc1bc796ffe319e14ed64b0494dcbbbb5038c436709ebb01dd6774dd65
fcdc6e15fff5984b61e10a52105837e1191611f96319b39f7c59a4541bd46536

newsweeks.net Open in urlscan Pro 166.62.27.179 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

88 %HTTPS

18 %IPv6

11 Domains

11 Subdomains

8 IPs

3 Countries

965 kBTransfer

1303 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newsweeks.net Open in urlscan Pro
166.62.27.179 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

88 %
HTTPS

18 %
IPv6

11
Domains

11
Subdomains

8
IPs

3
Countries

965 kB
Transfer

1303 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!