sls.wordingpressure.club Open in urlscan Pro
104.31.64.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t1.wiseforwarding.com/38495d6?p=000364_001555_774&sid=1904241608a53d092435f66c
Effective URL:
https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Submission: On April 25 via manual (April 25th 2019, 10:42:08 am UTC) from IN

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 14 domains to perform 22 HTTP transactions. The main IP is 104.31.64.141, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is sls.wordingpressure.club.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 21st 2019. Valid for: 6 months.

This is the only time sls.wordingpressure.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.173.59.108 35.173.59.108	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	52.202.75.231 52.202.75.231	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	54.165.78.175 54.165.78.175	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
1 1	37.187.75.92 37.187.75.92	16276 (OVH) (OVH)
3	104.31.64.141 104.31.64.141	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
9	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
22	9

1 35.173.59.108 (Seattle, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-173-59-108.compute-1.amazonaws.com

t1.wiseforwarding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.75.231 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-75-231.compute-1.amazonaws.com

t1.contentgreat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.78.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-78-175.compute-1.amazonaws.com

t1.trackingneat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)

mob.flamingmargarita.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.75.92 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3365200.ip-37-187-75.eu

track1.seawind.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.31.64.141 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

sls.wordingpressure.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	revcontent.com img.revcontent.com	120 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	wordingpressure.club sls.wordingpressure.club	14 KB
2	gstatic.com fonts.gstatic.com	24 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	fontawesome.com use.fontawesome.com	12 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	21 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
1	seawind.online 1 redirects track1.seawind.online	306 B
1	flamingmargarita.club 1 redirects mob.flamingmargarita.club	227 B
1	trackingneat.com 1 redirects t1.trackingneat.com	332 B
1	contentgreat.com 1 redirects t1.contentgreat.com	628 B
1	wiseforwarding.com 1 redirects t1.wiseforwarding.com	1 KB
22	14

	Domain	Requested by
9	img.revcontent.com
3	fonts.googleapis.com	sls.wordingpressure.club
3	sls.wordingpressure.club	sls.wordingpressure.club
2	fonts.gstatic.com	sls.wordingpressure.club
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	stats.g.doubleclick.net	sls.wordingpressure.club
1	use.fontawesome.com	sls.wordingpressure.club
1	stackpath.bootstrapcdn.com	sls.wordingpressure.club
1	www.googletagmanager.com	sls.wordingpressure.club
1	track1.seawind.online	1 redirects
1	mob.flamingmargarita.club	1 redirects
1	t1.trackingneat.com	1 redirects
1	t1.contentgreat.com	1 redirects
1	t1.wiseforwarding.com	1 redirects
22	14

This site contains no links.

Subject Issuer	Validity	Valid
sni166153.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-21` - `2019-09-27`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.revcontent.com DigiCert SHA2 Secure Server CA	`2018-05-20` - `2019-08-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Frame ID: B8BC8B2E3850FB2C7B3243CC896BB7C7
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t1.wiseforwarding.com/38495d6?p=000364_001555_774&sid=1904241608a53d092435f66c HTTP 302
https://t1.contentgreat.com/c/3101rca?c=0&po=&a=38495d6&p=001236_000364_001555_774&s=1236&st=1377&f=4&sh... HTTP 302
http://t1.trackingneat.com/3101rca?a=38495d6&c=0&callback_url=http%3A%2F%2Ftracking.aedgency.com%2Fs2s_... HTTP 302
https://mob.flamingmargarita.club/redirect?feed=136105&auth=ebuQy0&url=https%3A%2F%2Fticktock.live&subid=364&s... HTTP 302
http://track1.seawind.online/l.php?trf=m&d=5cc058a85f5f9058d66c23be&portal=custom_67325hw&source=136105 HTTP 302
https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

22
Requests

100 %
HTTPS

36 %
IPv6

14
Domains

14
Subdomains

9
IPs

3
Countries

235 kB
Transfer

490 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t1.wiseforwarding.com/38495d6?p=000364_001555_774&sid=1904241608a53d092435f66c HTTP 302
https://t1.contentgreat.com/c/3101rca?c=0&po=&a=38495d6&p=001236_000364_001555_774&s=1236&st=1377&f=4&sh=75&ct=&w=&h=&isp=UK%20Web.Solutions%20Direct%20Ltd&callback_url=http%3A%2F%2Ftracking.aedgency.com%2Fs2s_tracker.php%3Fpartner_id%3D2361%26program_id%3D666999%26commission%3D%7Bpayout%7D%26subid1%3D%7Bsid%7D%26token%3Deb6aa71380213ab100af69a925c2bb48%26payout_type%3DCPL%26currency%3DUSD%26flag%3D1&xcl=mobrain_173222&sid=1904241608a53d092435f66c HTTP 302
http://t1.trackingneat.com/3101rca?a=38495d6&c=0&callback_url=http%3A%2F%2Ftracking.aedgency.com%2Fs2s_tracker.php%3Fpartner_id%3D2361%26program_id%3D666999%26commission%3D%7Bpayout%7D%26subid1%3D%7Bsid%7D%26token%3Deb6aa71380213ab100af69a925c2bb48%26payout_type%3DCPL%26currency%3DUSD%26flag%3D1&f=4&p=001236_000364_001555_774&po=&s=1236&sh=75&sid=1904241608a53d092435f66c&st=1377&xcl=mobrain_173222 HTTP 302
https://mob.flamingmargarita.club/redirect?feed=136105&auth=ebuQy0&url=https%3A%2F%2Fticktock.live&subid=364&subid2=001236_000364_001555_774&query=1904250741a57150f4a06fe5 HTTP 302
http://track1.seawind.online/l.php?trf=m&d=5cc058a85f5f9058d66c23be&portal=custom_67325hw&source=136105 HTTP 302
https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=517900376&t=pageview&_s=1&dl=https%3A%2F%2Fsls.wordingpressure.club%2Fphenomenal%2F%3Fclick_id%3D5cc18ed35f5f9056e014e8c5&ul=en-us&de=UTF-8&dt=Sponsored%20Offers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1124426533&gjid=201799332&cid=2011471055.1556188912&tid=UA-109145051-6&_gid=1158603136.1556188912&_r=1&gtm=2ou430&z=1845460854 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109145051-6&cid=2011471055.1556188912&jid=1124426533&_gid=1158603136.1556188912&gjid=201799332&_v=j73&z=1845460854

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sls.wordingpressure.club/phenomenal/
Redirect Chain

http://t1.wiseforwarding.com/38495d6?p=000364_001555_774&sid=1904241608a53d092435f66c
https://t1.contentgreat.com/c/3101rca?c=0&po=&a=38495d6&p=001236_000364_001555_774&s=1236&st=1377&f=4&sh=75&ct=&w=&h=&isp=UK%20Web.Solutions%20Direct%20Ltd&callback_url=http%3A%2F%2Ftracking.aedgen...
http://t1.trackingneat.com/3101rca?a=38495d6&c=0&callback_url=http%3A%2F%2Ftracking.aedgency.com%2Fs2s_tracker.php%3Fpartner_id%3D2361%26program_id%3D666999%26commission%3D%7Bpayout%7D%26subid1%3D%...
https://mob.flamingmargarita.club/redirect?feed=136105&auth=ebuQy0&url=https%3A%2F%2Fticktock.live&subid=364&subid2=001236_000364_001555_774&query=1904250741a57150f4a06fe5
http://track1.seawind.online/l.php?trf=m&d=5cc058a85f5f9058d66c23be&portal=custom_67325hw&source=136105
https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

10 KB
3 KB

210ms
118ms

Document
text/html

104.31.64.141
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.31.64.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6de0ec7551051c1d71a8a813ca4a99e6b673e2435f6f0baa219cec79f16a5676

Request headers

:method: GET
:authority: sls.wordingpressure.club
:scheme: https
:path: /phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Thu, 25 Apr 2019 10:41:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d62db14f979936d549b1c537fca2f4a581556188912; expires=Fri, 24-Apr-20 10:41:52 GMT; path=/; domain=.wordingpressure.club; HttpOnly
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ccfb4fd89d0c763-AMS
content-encoding: br

Redirect headers

Server: nginx/1.14.0
Date: Thu, 25 Apr 2019 10:41:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c59d11f5f5f905929738efd
Raund: 105d5j7xve
Location: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 63 KB
24 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109145051-6

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

8f32c3405f2157593e754cef4556878c3b067088ee0d923460dff626032bd2f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 20:14:55 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24713
x-xss-protection: 0
expires: Thu, 25 Apr 2019 10:41:52 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
21 KB 93ms
29ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by: Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Origin: https://sls.wordingpressure.club

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:11 GMT
access-control-allow-origin: *
etag: "1544639651"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 21050

GET
H2 200 css
fonts.googleapis.com/ 9 KB
747 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

41c7b4715387c6fdc45c68fb20e8e9dccf8338b7e460cd9888cb468fed841686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 25 Apr 2019 10:41:52 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 25 Apr 2019 10:41:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Thu, 25 Apr 2019 10:41:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
718 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

280046a0512f77f7e21751256c421659f499ce39c41a9786980e6726cad4388c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 25 Apr 2019 10:41:52 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 25 Apr 2019 10:41:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Thu, 25 Apr 2019 10:41:52 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 55ms
13ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Origin: https://sls.wordingpressure.club

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
710 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

5bd339de8cf96fa4e00c166e2ed6eb89045a743553066d952af28e76b51fae33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 25 Apr 2019 10:41:52 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 25 Apr 2019 10:41:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Thu, 25 Apr 2019 10:41:52 GMT

GET
H2 200 email-decode.min.js Show response
sls.wordingpressure.club/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
833 B 23ms
22ms Script
application/javascript 104.31.64.141
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://sls.wordingpressure.club/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.31.64.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d62db14f979936d549b1c537fca2f4a581556188912
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: sls.wordingpressure.club
referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
:scheme: https
:method: GET
Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 23 Apr 2019 11:04:12 GMT
server: cloudflare
etag: W/"5cbef12c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
cf-ray: 4ccfb4fe5bf6c763-AMS
expires: Sat, 27 Apr 2019 10:41:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109145051-6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 4165
date: Thu, 25 Apr 2019 09:32:27 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Thu, 25 Apr 2019 11:32:27 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=517900376&t=pageview&_s=1&dl=https%3A%2F%2Fsls.wordingpressure.club%2Fphenomenal%2F%3Fclick_id%3D5cc18ed35f5f9056e014e8c5&ul=en-us&de=UTF-8&d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109145051-6&cid=2011471055.1556188912&jid=1124426533&_gid=1158603136.1556188912&gjid=201799332&_v=j73&z=1845460854

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0a::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109145051-6&cid=2011471055.1556188912&jid=1124426533&_gid=1158603136.1556188912&gjid=201799332&_v=j73&z=1845460854

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 25 Apr 2019 10:41:52 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109145051-6&cid=2011471055.1556188912&jid=1124426533&_gid=1158603136.1556188912&gjid=201799332&_v=j73&z=1845460854
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin: https://sls.wordingpressure.club

Response headers

date: Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 2643740
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:32 GMT

GET
H2 200 1.php Show response
sls.wordingpressure.club/phenomenal/ 21 KB
11 KB 189ms
188ms Script
text/javascript 104.31.64.141
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sls.wordingpressure.club/phenomenal/1.php?x=289674ce1a27fe96780e7278bf6ac887&pid=&language=ZW4tVVM=&languages=WyJlbi1VUyJd&platform=TGludXggeDg2XzY0&product=R2Vja28=&productSub=MjAwMzAxMDc=&userAgent=TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2&vendor=R29vZ2xlIEluYy4=&vendorSub=&width=1600&height=1200
Requested by: Host: sls.wordingpressure.club
URL: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.31.64.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea5d421a883547c31e7dd88e2038ba613bfd1f2615cb9b648d562a9ebba3294

Request headers

:path: /phenomenal/1.php?x=289674ce1a27fe96780e7278bf6ac887&pid=&language=ZW4tVVM=&languages=WyJlbi1VUyJd&platform=TGludXggeDg2XzY0&product=R2Vja28=&productSub=MjAwMzAxMDc=&userAgent=TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2&vendor=R29vZ2xlIEluYy4=&vendorSub=&width=1600&height=1200
pragma: no-cache
cookie: __cfduid=d62db14f979936d549b1c537fca2f4a581556188912; _ga=GA1.2.2011471055.1556188912; _gid=GA1.2.1158603136.1556188912; _gat_gtag_UA_109145051_6=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: sls.wordingpressure.club
referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
:scheme: https
:method: GET
Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript;charset=UTF-8
status: 200
set-cookie: allowClick=1; expires=Fri, 26-Apr-2019 10:41:52 GMT; Max-Age=86400; path=/
cf-ray: 4ccfb4ff0d99c763-AMS

GET
H2 200 /
img.revcontent.com/ 13 KB
14 KB 100ms
26ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/p0/assets/content_images/emb/04b1b5ad7eaf94561a81729bc8b882dd-0.png&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 5ee7ec67d4352af455419132d6023333be50f41808bcc1238f254da1327f1d54

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Sat, 09 Feb 2019 16:07:18 GMT
etag: "1549728438"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds026.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13802

GET
H2 200 /
img.revcontent.com/ 13 KB
13 KB 99ms
26ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15458317541637508093.jpg&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: fa72a84dfab71d4b505e775bdbaa5e338aa042874522bf849a1f7a8eff914646

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Wed, 26 Dec 2018 13:42:35 GMT
etag: "1545831755"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds015.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13209

GET
H2 200 /
img.revcontent.com/ 12 KB
12 KB 102ms
29ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15206401981937958898.jpg&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a3d1bb31214b862fd842627f061ca75202cb8022841f03644f3fc7d87bf6e8c4

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Sat, 10 Mar 2018 00:03:19 GMT
etag: "1520640199"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds136.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11950

GET
H2 200 /
img.revcontent.com/ 17 KB
17 KB 88ms
16ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/p0/assets/content_images/emb/0e1e6f821ef83547b18323fac5182775-0.png&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: f20303f46ad0aac52111ce68b0d1d401e7e07704a6ec27a3ebf12eaf389a78a5

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Fri, 01 Mar 2019 11:22:17 GMT
etag: "1551439337"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds062.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17287

GET
H2 200 /
img.revcontent.com/ 10 KB
10 KB 102ms
29ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15488914081793828755.jpg&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7aff34a8e4c79550f0a7119eca6040f6ffc2a2f251ea21c18d336807ca2045bd

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Wed, 30 Jan 2019 23:36:49 GMT
etag: "1548891409"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds059.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10008

GET
H2 200 /
img.revcontent.com/ 17 KB
17 KB 102ms
30ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15202874210534515755.jpg&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4cdcf6636f1e8aa7a5abbd084c684e66a4fcb0593fc53d98d0fd655b6bfafd9b

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Mon, 05 Mar 2018 22:03:42 GMT
etag: "1520287422"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds066.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17150

GET
H2 200 /
img.revcontent.com/ 16 KB
17 KB 96ms
30ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15206382320982508060.jpg&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2ed4a9807977e03be4916066cdfc8f005a71c0f5e6dc01bd5d81145c625edcfd

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Fri, 09 Mar 2018 23:30:33 GMT
etag: "1520638233"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds061.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16773

GET
H2 200 /
img.revcontent.com/ 12 KB
12 KB 82ms
15ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/93d1db13755e1414698e30e8d0eb9f94.png&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 24bf4ad6705c22f84b22c0c1f35261b99dfdd7e7dd11ec639e850aa411c6c380

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Mon, 18 Mar 2019 22:45:36 GMT
etag: "1552949136"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds014.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11975

GET
H2 200 /
img.revcontent.com/ 10 KB
10 KB 81ms
15ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15478281681775464919.jpg&static=true&pos=face&h=140&w=330&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 53d253619660102167261e89a402a9e50af7e7c9f3916d3d3ee8e8f75f4e636e

Request headers

Referer: https://sls.wordingpressure.club/phenomenal/?click_id=5cc18ed35f5f9056e014e8c5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 10:41:52 GMT
last-modified: Fri, 18 Jan 2019 16:16:09 GMT
etag: "1547828169"
x-hw: 1556188912.dop018.fr8.t,1556188912.cds055.fr8.hn,1556188912.cds055.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9805

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700
Origin: https://sls.wordingpressure.club

Response headers

date: Mon, 25 Mar 2019 20:22:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:06:19 GMT
server: sffe
age: 2643534
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13640
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:22:58 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wordingpressure.club/	1970-01-19 17:47:40	Name: _ga Value: GA1.2.2011471055.1556188912
sls.wordingpressure.club/	1970-01-19 00:17:55	Name: allowClick Value: 1
.wordingpressure.club/	1970-01-19 00:16:28	Name: _gat_gtag_UA_109145051_6 Value: 1
.wordingpressure.club/	1970-01-19 00:17:55	Name: _gid Value: GA1.2.1158603136.1556188912
.wordingpressure.club/	1970-01-19 09:02:04	Name: __cfduid Value: d62db14f979936d549b1c537fca2f4a581556188912

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
img.revcontent.com
mob.flamingmargarita.club
sls.wordingpressure.club
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
t1.contentgreat.com
t1.trackingneat.com
t1.wiseforwarding.com
track1.seawind.online
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
104.31.64.141
198.134.116.30
205.185.216.10
209.197.3.15
23.111.9.35
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200a
2a00:1450:4001:821::2008
2a00:1450:400c:c0a::9c
35.173.59.108
37.187.75.92
52.202.75.231
54.165.78.175
24bf4ad6705c22f84b22c0c1f35261b99dfdd7e7dd11ec639e850aa411c6c380
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
280046a0512f77f7e21751256c421659f499ce39c41a9786980e6726cad4388c
2ed4a9807977e03be4916066cdfc8f005a71c0f5e6dc01bd5d81145c625edcfd
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
41c7b4715387c6fdc45c68fb20e8e9dccf8338b7e460cd9888cb468fed841686
4cdcf6636f1e8aa7a5abbd084c684e66a4fcb0593fc53d98d0fd655b6bfafd9b
4ea5d421a883547c31e7dd88e2038ba613bfd1f2615cb9b648d562a9ebba3294
53d253619660102167261e89a402a9e50af7e7c9f3916d3d3ee8e8f75f4e636e
5bd339de8cf96fa4e00c166e2ed6eb89045a743553066d952af28e76b51fae33
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5ee7ec67d4352af455419132d6023333be50f41808bcc1238f254da1327f1d54
6de0ec7551051c1d71a8a813ca4a99e6b673e2435f6f0baa219cec79f16a5676
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7aff34a8e4c79550f0a7119eca6040f6ffc2a2f251ea21c18d336807ca2045bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8f32c3405f2157593e754cef4556878c3b067088ee0d923460dff626032bd2f6
a3d1bb31214b862fd842627f061ca75202cb8022841f03644f3fc7d87bf6e8c4
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
f20303f46ad0aac52111ce68b0d1d401e7e07704a6ec27a3ebf12eaf389a78a5
fa72a84dfab71d4b505e775bdbaa5e338aa042874522bf849a1f7a8eff914646

sls.wordingpressure.club Open in urlscan Pro 104.31.64.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

36 %IPv6

14 Domains

14 Subdomains

9 IPs

3 Countries

235 kBTransfer

490 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

5 Cookies

Indicators

sls.wordingpressure.club Open in urlscan Pro
104.31.64.141 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

36 %
IPv6

14
Domains

14
Subdomains

9
IPs

3
Countries

235 kB
Transfer

490 kB
Size

5
Cookies

22 HTTP transactions
0 data transactions