urlscan.io logo urlscan.io
SecurityTrails logo

secure.tagged.com Open in urlscan Pro
135.84.35.166  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.taggedmail.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_i...
Effective URL: https://secure.tagged.com/phished.html
Submission: On September 27 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 7 countries across 36 domains to perform 111 HTTP transactions. The main IP is 135.84.35.166, located in San Francisco, United States and belongs to TAGGED-ASN - IFWE INC, US. The main domain is secure.tagged.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 5th 2019. Valid for: 2 years.
This is the only time secure.tagged.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 9 135.84.35.166 36080 (TAGGED-ASN)
16 135.84.35.171 36080 (TAGGED-ASN)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.165 27281 (QUANTCAST)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
5 35.188.71.214 15169 (GOOGLE)
1 172.217.22.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 172.217.16.162 15169 (GOOGLE)
3 143.204.211.231 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.176 27281 (QUANTCAST)
2 2.18.235.93 16625 (AKAMAI-AS)
2 5 2.19.43.224 20940 (AKAMAI-ASN1)
2 2600:9000:20b... 16509 (AMAZON-02)
2 91.228.74.152 27281 (QUANTCAST)
2 35.226.36.58 15169 (GOOGLE)
2 185.33.223.221 29990 (ASN-APPNEXUS)
1 2.18.234.21 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 178.250.2.152 44788 (ASN-CRITE...)
1 35.156.77.44 16509 (AMAZON-02)
1 3.225.175.5 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 54.77.147.35 16509 (AMAZON-02)
1 8.44.181.100 4989 (YUMESJDC01)
2 104.16.190.66 13335 (CLOUDFLAR...)
1 69.173.144.141 26667 (RUBICONPR...)
1 3 34.95.120.147 15169 (GOOGLE)
1 18.196.104.43 16509 (AMAZON-02)
2 91.228.72.18 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.130 44788 (ASN-CRITE...)
1 2 104.17.120.107 13335 (CLOUDFLAR...)
2 151.101.113.108 54113 (FASTLY)
1 52.201.28.105 14618 (AMAZON-AES)
1 2.18.233.180 16625 (AKAMAI-AS)
1 104.109.78.125 20940 (AKAMAI-ASN1)
1 54.214.40.206 16509 (AMAZON-02)
1 52.216.179.93 16509 (AMAZON-02)
111 49
9    135.84.35.166 (San Francisco, United States)

ASN36080 (TAGGED-ASN - IFWE INC, US)
www.taggedmail.com
www.tagged.com
secure.tagged.com
16    135.84.35.171 (San Francisco, United States)

ASN36080 (TAGGED-ASN - IFWE INC, US)
secure-static.tagged.com
4    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    91.228.74.165 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
edge.quantserve.com
2    2606:4700:20::6819:bf72 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.pub.network
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
5    35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
1    172.217.22.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net
www.googletagservices.com
1    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
5    172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
securepubads.g.doubleclick.net
3    143.204.211.231 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-211-231.fra53.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    91.228.74.176 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
2    2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
hbx.media.net
5    2.19.43.224 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    2600:9000:20bb:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
2    91.228.74.152 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
2    35.226.36.58 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.36.226.35.bc.googleusercontent.com
c.pub.network
2    185.33.223.221 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
1    178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    35.156.77.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    3.225.175.5 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-175-5.compute-1.amazonaws.com
display.bfmio.com
2    2606:4700:10::6814:8528 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
i.connectad.io
cdn.connectad.io
2    54.77.147.35 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    8.44.181.100 (United States)

ASN4989 (YUMESJDC01 - YUME, US)
tag.1rx.io
2    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
cdn.districtm.io
1    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
3    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
freestar-d.openx.net
eu-u.openx.net
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    91.228.72.18 (United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
qcx.quantserve.com
4    2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
6    2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
2    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
biddr.brealtime.com
edba.brealtime.com
2    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
acdn.adnxs.com
1    52.201.28.105 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-201-28-105.compute-1.amazonaws.com
sync.bfmio.com
1    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    54.214.40.206 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-214-40-206.us-west-2.compute.amazonaws.com
hbevents.1rx.io
1    52.216.179.93 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
24 tagged.com
www.tagged.com
secure.tagged.com
secure-static.tagged.com
317 KB
9 pub.network
a.pub.network
d.pub.network
c.pub.network
217 KB
6 ampproject.org
cdn.ampproject.org
137 KB
6 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
91 KB
6 quantserve.com
edge.quantserve.com
secure.quantserve.com
pixel.quantserve.com
qcx.quantserve.com
13 KB
5 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
39 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 facebook.com
staticxx.facebook.com
www.facebook.com
593 B
5 facebook.net
connect.facebook.net
177 KB
5 google.com
www.google.com
adservice.google.com
837 B
4 adnxs.com
ib.adnxs.com
acdn.adnxs.com
2 KB
3 openx.net
freestar-d.openx.net
eu-u.openx.net
785 B
3 amazon-adsystem.com
c.amazon-adsystem.com
25 KB
2 brealtime.com
biddr.brealtime.com
edba.brealtime.com
504 B
2 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
2 KB
2 districtm.io
dmx.districtm.io
cdn.districtm.io
399 B
2 1rx.io
tag.1rx.io
hbevents.1rx.io
508 B
2 gumgum.com
g2.gumgum.com
1 KB
2 connectad.io
i.connectad.io
cdn.connectad.io
636 B
2 bfmio.com
display.bfmio.com
sync.bfmio.com
563 B
2 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
117 B
2 quantcount.com
rules.quantcount.com
1 KB
2 media.net
hbx.media.net
7 KB
2 google-analytics.com
www.google-analytics.com
18 KB
1 amazonaws.com
s3.amazonaws.com
397 B
1 criteo.net
static.criteo.net
14 KB
1 emxdgt.com
hb.emxdgt.com
309 B
1 sharethrough.com
btlr.sharethrough.com
161 B
1 criteo.com
bidder.criteo.com
215 B
1 casalemedia.com
as-sec.casalemedia.com
906 B
1 googleapis.com
fonts.googleapis.com
452 B
1 google.de
adservice.google.de
171 B
1 googletagservices.com
www.googletagservices.com
14 KB
1 gstatic.com
www.gstatic.com
92 KB
1 googletagmanager.com
www.googletagmanager.com
20 KB
1 taggedmail.com
www.taggedmail.com
733 B
111 36
Domain Requested by
16 secure-static.tagged.com secure.tagged.com
7 secure.tagged.com 2 redirects secure.tagged.com
secure-static.tagged.com
6 cdn.ampproject.org securepubads.g.doubleclick.net
5 sb.scorecardresearch.com 2 redirects a.pub.network
secure.tagged.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
secure.tagged.com
5 d.pub.network a.pub.network
5 connect.facebook.net secure-static.tagged.com
connect.facebook.net
a.pub.network
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
secure.tagged.com
4 www.facebook.com connect.facebook.net
secure.tagged.com
4 www.google.com 1 redirects secure.tagged.com
www.gstatic.com
3 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
2 eu-u.openx.net 1 redirects a.pub.network
2 acdn.adnxs.com a.pub.network
2 qcx.quantserve.com a.pub.network
2 g2.gumgum.com a.pub.network
2 ib.adnxs.com a.pub.network
2 c.pub.network a.pub.network
2 pixel.quantserve.com secure.tagged.com
2 rules.quantcount.com edge.quantserve.com
2 hbx.media.net a.pub.network
hbx.media.net
2 www.google-analytics.com www.googletagmanager.com
secure.tagged.com
2 a.pub.network secure.tagged.com
a.pub.network
1 s3.amazonaws.com
1 edba.brealtime.com 1 redirects
1 hbevents.1rx.io
1 cdn.connectad.io a.pub.network
1 eus.rubiconproject.com a.pub.network
1 ads.pubmatic.com a.pub.network
1 sync.bfmio.com a.pub.network
1 biddr.brealtime.com a.pub.network
1 cdn.districtm.io a.pub.network
1 pagead2.googlesyndication.com
1 static.criteo.net a.pub.network
1 googleads.g.doubleclick.net secure.tagged.com
1 hb.emxdgt.com a.pub.network
1 freestar-d.openx.net a.pub.network
1 fastlane.rubiconproject.com a.pub.network
1 dmx.districtm.io a.pub.network
1 tag.1rx.io a.pub.network
1 i.connectad.io a.pub.network
1 display.bfmio.com a.pub.network
1 btlr.sharethrough.com a.pub.network
1 bidder.criteo.com a.pub.network
1 hbopenbid.pubmatic.com a.pub.network
1 as-sec.casalemedia.com a.pub.network
1 secure.quantserve.com a.pub.network
1 fonts.googleapis.com secure-static.tagged.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com a.pub.network
1 staticxx.facebook.com connect.facebook.net
1 www.gstatic.com www.google.com
1 www.googletagmanager.com secure.tagged.com
1 edge.quantserve.com secure.tagged.com
1 www.tagged.com 1 redirects
1 www.taggedmail.com 1 redirects
111 56

This site contains links to these domains. Also see Links.

Domain
www.tagged.com
ifwe.co
Subject Issuer Validity Valid
tagged.com
COMODO RSA Organization Validation Secure Server CA		 2019-01-05 -
2021-01-04		 2 years crt.sh
www.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
ssl376957.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-09 -
2020-01-15		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2019-02-09 -
2020-05-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2018-12-18 -
2019-11-21		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2018-12-30 -
2020-03-30		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-03-28 -
2020-04-01		 a year crt.sh
*.sharethrough.com
Go Daddy Secure Certificate Authority - G2		 2018-09-18 -
2019-11-17		 a year crt.sh
*.bfmio.com
Amazon		 2019-06-19 -
2020-07-19		 a year crt.sh
connectad.io
CloudFlare Inc ECC CA-2		 2019-07-18 -
2020-07-17		 a year crt.sh
*.gumgum.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2017-03-22 -
2020-03-22		 3 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-16 -
2020-05-16		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-09-06 -
2020-12-02		 a year crt.sh

This page contains 16 frames:

Primary Page: https://secure.tagged.com/phished.html
Frame ID: 6A2616A02119F08172FB3443D1C0F6CE
Requests: 86 HTTP requests in this frame

Frame: https://secure.tagged.com/blank.html
Frame ID: B4FDFDAB26486CB7D6D882B0447D3947
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: C88E9135A40679481575195430B548A9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUudGFnZ2VkLmNvbTo0NDM.&hl=en&v=Zy-zVXWdnDW6AUZkKlojAKGe&size=normal&cb=i4rukfyi8j1
Frame ID: 60767315FE8C26A63698FCB47989B024
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: 54EA231189A6CE4008657E64E65188B5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Zy-zVXWdnDW6AUZkKlojAKGe&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=8ukvqe26b0lu
Frame ID: 77623DAE7C3F700646458DE92B113AE5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909181902540/amp4ads-v0.js
Frame ID: 22A5B62CEE24A6691AB8176151A496DD
Requests: 13 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 10FDAF12039107B4EEB1E72B49DB8FCA
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 2972BB5705157E574E11F4DD8466EEDF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 36DE702E936F0B66F71DA66D3D1A4C72
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1569572474699
Frame ID: AC89C9BCC183DEE29937C21192E945F5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 83D2221A99E2DD1627EFCB7D8B70C79C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=
Frame ID: B1D19ABB73D20D833616C6DE4C51C30C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A1040FA2ADFA77E7867F9EC3CEAE0C6F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: F3D3ADA8E30F53E6E373E96C65D85184
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: DE3183431F1145EDB619E39B3FBD2E74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.taggedmail.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.1... HTTP 302
    http://www.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.1... HTTP 302
    https://secure.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.1... HTTP 302
    https://secure.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1&current_user_id=122... HTTP 302
    https://secure.tagged.com/phished.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

111
Requests

100 %
HTTPS

31 %
IPv6

36
Domains

56
Subdomains

49
IPs

7
Countries

1192 kB
Transfer

3560 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.taggedmail.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5-1-53-156-20&tn=bWVldG1lX3N1Z2dlc3Rpb25zX2hpNS0xLTUzLTE1Ni0yMA==&linkId=account_info_link_0 HTTP 302
    http://www.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5-1-53-156-20&tn=bWVldG1lX3N1Z2dlc3Rpb25zX2hpNS0xLTUzLTE1Ni0yMA%3D%3D&linkId=account_info_link_0 HTTP 302
    https://secure.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5-1-53-156-20&tn=bWVldG1lX3N1Z2dlc3Rpb25zX2hpNS0xLTUzLTE1Ni0yMA%3D%3D&linkId=account_info_link_0 HTTP 302
    https://secure.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5-1-53-156-20&tn=bWVldG1lX3N1Z2dlc3Rpb25zX2hpNS0xLTUzLTE1Ni0yMA%3D%3D&linkId=account_info_link_0 HTTP 302
    https://secure.tagged.com/phished.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
Request Chain 48
  • https://sb.scorecardresearch.com/b?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=35114e7dd0e8a8c6f4e47b7ce8047a7551359a8a&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=35114e7dd0e8a8c6f4e47b7ce8047a7551359a8a&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 109
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Request Chain 111
  • https://edba.brealtime.com/ HTTP 302
  • https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request phished.html
secure.tagged.com/
Redirect Chain
  • http://www.taggedmail.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5...
  • http://www.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5-1-5...
  • https://secure.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1yKFfA2O8kRF.1tx7__.18_Q99&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5...
  • https://secure.tagged.com/account_info.html?ect=l3zuqfji&fid=BD7CDD290BDED3E3&al=1&current_user_id=1224688201&email_log_id=330869146163&template_name=meetme_suggestions_hi5-1-53-156-20&tn=bWVldG1lX...
  • https://secure.tagged.com/phished.html
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
b3b9428f3b3cea55353631b0e59124b224abff8205c5e008ce7dd3df64beda91
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
secure.tagged.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Cookie
S=hmm21l488ch6gjhnuato7up80n; B=b=8C3D841C756686FE&remember_me=; L=30P5hjbvqgVt.1tzspT.18_Q99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-FRAME-OPTIONS
DENY
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5805
Keep-Alive
timeout=300
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://secure.tagged.com/phished.html
Content-Length
0
Keep-Alive
timeout=300
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
0WTwa-Gh9.css
secure-static.tagged.com/dyn/css/z/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/z/0WTwa-Gh9.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
13e172e1fd934c9acf7cfbacb8431462649b79be7554cbd209cd0aa3115dd00a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Jan 2018 21:56:00 GMT
Server
Apache
ETag
"3364-563a0d8671e3b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
3227
Expires
Sun, 27 Oct 2019 08:21:12 GMT
W6AxofXs_.css
secure-static.tagged.com/dyn/css/6/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/6/W6AxofXs_.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
78e12244ace6ae3034007123a5b1d63542e8b1a94d268b77298f3b214e9482e3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 15:02:03 GMT
Server
Apache
ETag
"da9b-59361ef842141-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
9708
Expires
Sun, 27 Oct 2019 08:21:12 GMT
mElnZ1Bk6_cl.js
secure-static.tagged.com/dyn/js/2/ 		110 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
17f11260e32fe25cb8c572482f049be5901fb39f26fdacfeca588c8e8f5e3c25

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 May 2019 18:30:15 GMT
Server
Apache
ETag
"1b69f-58955ec6d4ae6-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
40802
Expires
Sun, 27 Oct 2019 08:21:12 GMT
tagged_logo_basic.png
secure-static.tagged.com/im/headers/default/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-static.tagged.com/im/headers/default/tagged_logo_basic.png
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
35ca40cd00ec12c376791e23fe8e95b1bff7fcb786bcc1d23bfa524d022b95cb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Last-Modified
Tue, 20 Aug 2019 17:57:32 GMT
Server
Apache
ETag
"4c9-5909030dbbebb"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
1225
Expires
Sun, 27 Oct 2019 08:21:12 GMT
api.js
www.google.com/recaptcha/ 		729 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
465
x-xss-protection
1; mode=block
expires
Fri, 27 Sep 2019 08:21:12 GMT
I6qoNGT1-_cl.js
secure-static.tagged.com/dyn/js/O/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/js/O/I6qoNGT1-_cl.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
b95cabafcf9ef68db4877eaa8dd3672c8d0ecb1cded2fa380f0f594f5ebafbf4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jan 2018 22:28:36 GMT
Server
Apache
ETag
"135f-563f1c4684e14-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
1656
Expires
Sun, 27 Oct 2019 08:21:12 GMT
_BuOTsVu6_cl.js
secure-static.tagged.com/dyn/js/Y/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/js/Y/_BuOTsVu6_cl.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
9812e589715797455dcf2ae2b95ba47955d148d7efafebf174a166d99e0dcac7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 May 2019 18:30:13 GMT
Server
Apache
ETag
"151d9-58955ec5100ca-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
25766
Expires
Sun, 27 Oct 2019 08:21:12 GMT
OZdSMA8xJ.css
secure-static.tagged.com/dyn/css/H/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/H/OZdSMA8xJ.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
efe5376f6eba8ac2fe298720db0b8323f8eae62a798ca0809325663fbcf0084d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Dec 2016 20:05:57 GMT
Server
Apache
ETag
"ad6-544d19d0c4e67-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
904
Expires
Sun, 27 Oct 2019 08:21:12 GMT
DSM1P_Rp6.css
secure-static.tagged.com/dyn/css/y/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/y/DSM1P_Rp6.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
ea55489a5a88e01c3b3c70777df6747d0b7b415717721f6ba59ed87cf487bd80

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Dec 2016 20:05:56 GMT
Server
Apache
ETag
"d07-544d19d03904e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
1098
Expires
Sun, 27 Oct 2019 08:21:13 GMT
eyk09mNXX_cl.js
secure-static.tagged.com/dyn/js/C/ 		287 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/js/C/eyk09mNXX_cl.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
2ea5176ebad3dd6ad56ba98a4600772d22227ae6778021603d645ef0c7e37d14

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 15:10:56 GMT
Server
Apache
ETag
"47b34-58e6eb7551ed7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Expires
Sun, 27 Oct 2019 08:21:13 GMT
PLigaE1VH.css
secure-static.tagged.com/dyn/css/h/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/h/PLigaE1VH.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
7eef757b4075316d57944a1e25b9d9e64725f16a61479ebd3fd75918c17c44ae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jul 2018 23:07:36 GMT
Server
Apache
ETag
"d763-571b2b616546d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
11168
Expires
Sun, 27 Oct 2019 08:21:13 GMT
fP_hAz_Th_cl.js
secure-static.tagged.com/dyn/js/Y/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/js/Y/fP_hAz_Th_cl.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
e85be082883035d0bd23d3b6f8677291b3ae0222692d3e6109309bc30c41074e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jan 2018 22:20:32 GMT
Server
Apache
ETag
"19f1-563f1a78393b8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
2499
Expires
Sun, 27 Oct 2019 08:21:13 GMT
4hS6KKd_m_cl.js
secure-static.tagged.com/dyn/js/I/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/js/I/4hS6KKd_m_cl.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
6b09d83626a27d49a45ee68dd87753fc36a2cb751d525462ab258d7cfd724701

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 15:02:09 GMT
Server
Apache
ETag
"dcae-59361efe849f1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
12462
Expires
Sun, 27 Oct 2019 08:21:13 GMT
6T0RdeYf7.css
secure-static.tagged.com/dyn/css/X/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/X/6T0RdeYf7.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
b6e4c223be8af717e51af2d91ea34a7cf4be4335fa46bfa933f16c34202bdcc5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jul 2018 22:00:48 GMT
Server
Apache
ETag
"16d1-570ac433d8c1f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
1613
Expires
Sun, 27 Oct 2019 08:21:13 GMT
s-BYpKi-0.css
secure-static.tagged.com/dyn/css/H/ 		2 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-static.tagged.com/dyn/css/H/s-BYpKi-0.css
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
e88fb85018e41011e1a49b53734c086e1859627a01d6b36afad7b3f8ae6c68b2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Dec 2016 20:05:55 GMT
Server
Apache
ETag
"6c3-544d19cf51155-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
600
Expires
Sun, 27 Oct 2019 08:21:13 GMT
quant.js
edge.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.quantserve.com/quant.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.165 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27-Sep-2019 08:21:13 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 04 Oct 2019 08:21:13 GMT
pubfig.min.js
a.pub.network/tagged-com/ 		415 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/tagged-com/pubfig.min.js
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda9cea3cb161d760e1b0d9cbf370b97842471d7df265f3f31234bf16581ebc1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
br
cf-cache-status
HIT
age
39
x-guploader-uploadid
AEnB2Up7fEIfIwNsC__LbHJV4yHztgduVcUkQ4xjQO4veOz1C50R5vtGAcYgtQcAX4FFrlvAuSX5zxJazEevmDiqfGXXn3-fgw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Fri, 20 Sep 2019 21:25:06 GMT
server
cloudflare
etag
W/"07aa5f8c7657205bfda8cd0c73b4a4e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=kK1j/A==, md5=B6pfjHZXIFv9qM0Mc7Sk4w==
x-goog-generation
1569014706434553
cache-control
public, max-age=1800
x-goog-stored-content-length
425207
cf-ray
51cc10153b4959be-VIE
expires
Fri, 27 Sep 2019 08:51:13 GMT
gtm.js
www.googletagmanager.com/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFVG9B
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a78671832e9a7e505fd07ed7b216bc7f1aa12a1a19dd7ded1943324d59eb42b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
br
last-modified
Fri, 27 Sep 2019 06:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20850
x-xss-protection
0
expires
Fri, 27 Sep 2019 08:21:13 GMT
blank.html
secure.tagged.com/ Frame B4FD 		69 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.tagged.com/blank.html
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
587cdc48d51a7732ad2019d0d9099c3d1c50ecbc25083cb607db301422373df1

Request headers

Host
secure.tagged.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Cookie
S=hmm21l488ch6gjhnuato7up80n; B=b=8C3D841C756686FE&remember_me=; L=30P5hjbvqgVt.1tzspT.18_Q99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
63
Keep-Alive
timeout=300
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
truncated
/ 		929 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb4911d3c669ad53701bf5223261d8c01d1f435fe7245e6d791f357b070b6f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
tag_icon_sprite_v4.1.png
secure-static.tagged.com/im/icons/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-static.tagged.com/im/icons/tag_icon_sprite_v4.1.png
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
1649d4b9bdc31e9d7f6f96ce093ac3c8b35545192500835c1056cc00cdc45d94

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure-static.tagged.com/dyn/css/6/W6AxofXs_.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Last-Modified
Tue, 20 Aug 2019 17:57:36 GMT
Server
Apache
ETag
"19fbd-59090310d4a5c"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
106429
Expires
Sun, 27 Oct 2019 08:21:13 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 18:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 21 Sep 2019 00:09:51 GMT
server
sffe
age
309516
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94031
x-xss-protection
0
expires
Tue, 22 Sep 2020 18:22:37 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/Y/_BuOTsVu6_cl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
12c39f120d48d6ccb052d5f420b257d17924faf852cbc24d94739a661b2adc42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
NUsFwfH0M8fzWC+tYOtaRQ==
status
200
content-length
1779
etag
"ab883d0717a3a2fc132b1abd68568895"
x-fb-debug
Ip39NhyEEBpWpHq+XEzrdAnFQdp39FYw1v1MN5xa8hW4HmYwp5eJCrpu+Oh8bdUlU0KKzLs6r8NEnleARzpTRA==
x-fb-trip-id
194532234
x-fb-content-md5
4a6ef039374caac7a22429f4d172f6ac
x-frame-options
DENY
date
Fri, 27 Sep 2019 08:21:13 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 27 Sep 2019 08:29:19 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFVG9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6915
date
Fri, 27 Sep 2019 06:25:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 27 Sep 2019 08:25:58 GMT
all.js
connect.facebook.net/en_US/ 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=2c8c04218a2c27aeb3cba930cbe21917&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
04a69afd5ce2f8fd4d8f5f80f1dc6f3a9d5256aafac35148a67c08f29f171df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
Origin
https://secure.tagged.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
b/WZ3yBQPco+UIMLgyhGhg==
status
200
content-length
56474
etag
"5f3e283116cbf45a89b04e96d7df3463"
x-fb-debug
L6a6Nh2D+kMBIlvGvuG155RdOOw3nWvGgrF0/LfBiNv/qHZa2HknYOlElwjN4VjdHc5YGpKGfLSfwC2r0ZYP3Q==
x-fb-trip-id
2008243271
x-fb-content-md5
7b2222cd871d7e897058f4c1b908d893
x-frame-options
DENY
date
Fri, 27 Sep 2019 08:21:13 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 26 Sep 2020 06:48:51 GMT
dropup_triangle.png
secure-static.tagged.com/im/chrome/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-static.tagged.com/im/chrome/dropup_triangle.png
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
69bfe4c7727e5ae4b1d3985caad51225d832445b6988fb0998770d7c792e1009

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure-static.tagged.com/dyn/css/y/DSM1P_Rp6.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Last-Modified
Tue, 20 Aug 2019 17:57:28 GMT
Server
Apache
ETag
"4c1-59090309bf6b0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300
Content-Length
1217
Expires
Sun, 27 Oct 2019 08:21:13 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=826641119&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&ul=en-us&de=UTF-8&dt=Account%20Phished%20-%20Tagged&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=380825363&gjid=1910616235&cid=2128899625.1569572473&tid=UA-1982760-1&_gid=540184849.1569572473&_r=1&gtm=2wg9i1NFVG9B&z=1150120158
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 08:21:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame C88E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2c8c04218a2c27aeb3cba930cbe21917&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 25 Sep 2020 19:47:28 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
AtMZwP7EOxhNJfGEyyi8vy7LRhEyR4CJIF7txbhKhyAx3K+xWRMfMgR2BnT2H4eYXMlN4/l/vw6JTi6gVkcC+g==
content-length
12616
x-fb-trip-id
194532234
date
Fri, 27 Sep 2019 08:21:13 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=123049054388972&input_token&origin=1&redirect_uri=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2c8c04218a2c27aeb3cba930cbe21917&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
yAfnAqta6MPam5AwgxfQi9DhOibF+RnnTuUPS6p6uegn9PzFwTcSU1brgbxrwCdIi+VQSNwFm+doqavpN+tUiA==
fb-s
unknown
status
200
date
Fri, 27 Sep 2019 08:21:13 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://secure.tagged.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie
d.pub.network/ 		36 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
b90f6aec3527b7db9b1f02b9cb821a23aaf6f3f8136b1029a736531f820d6afa

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:13 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gpt.js
www.googletagservices.com/tag/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
d80e5839d198279a97915c6ca1069c537210b27ab7327b12aca428639134e0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"291 / 666 of 1000 / last-modified: 1569527018"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14244
x-xss-protection
0
expires
Fri, 27 Sep 2019 08:21:13 GMT
prebid-analytics-1.33.5.js
a.pub.network/core/ 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-1.33.5.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
AEnB2Uq36KUZDsBbinBceR9KgMpXSlOUf7MGOv9HHmO0lVaHyIrohF0K4nlZrgsnXOUwWGoS3gAsHDlobC3E9X8sfd9vh9LNPA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Wed, 13 Mar 2019 15:07:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xB2m2g==, md5=LUwj9S7PGmAQITSf93OXew==
x-goog-generation
1552489625640716
cache-control
public, max-age=31536000
x-goog-stored-content-length
330336
cf-ray
51cc10160c1959be-VIE
expires
Sat, 26 Sep 2020 08:21:13 GMT
location
d.pub.network/ 		25 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:13 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=secure.tagged.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=secure.tagged.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019091901.js
securepubads.g.doubleclick.net/gpt/ 		156 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
c77635c1d346c5471d294f59d0c4ef11f71c21f94e82087cbd99984c9aaa3cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
58568
x-xss-protection
0
expires
Fri, 27 Sep 2019 08:21:13 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
Server /
Resource Hash
db1b7df84644392f2ec2e4d7499c2ca1d7f4cde9f6fba0c7a778a97e18b3e805

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 23:00:08 GMT
content-encoding
gzip
server
Server
age
33664
etag
3e04be28b928c5e15e522942645dd5ad
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
0XtvQdR1ipNkHaG4uWQXAhskzIeYv_FA4KZ9IFmU1sU4QTgBjpmt0A==
via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
v2
d.pub.network/floors/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=640desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
66eac04061769ec2eebc3f5294298b7ee7536ef73a3cff788e1cfbd7d460f3e2

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:13 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 20:19:47 GMT
content-encoding
gzip
vary
Origin
age
43287
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 24 Aug 2018 07:13:51 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
uCrQmJCcP4PygYDJ8Wjk9YeRFKRyjtaSL-ATYvi_3V6UDk5xMb9uiw==
css
fonts.googleapis.com/ 		799 B
452 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Signika
Requested by
Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1755c07b1340a87f8ad0f68fed664e8bc365ebe485ec52d1287afe438feab720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 27 Sep 2019 08:21:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 27 Sep 2019 08:21:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 27 Sep 2019 08:21:13 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.176 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27-Sep-2019 08:21:13 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 04 Oct 2019 08:21:13 GMT
bxl.js
hbx.media.net/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=secure.tagged.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1aba5b8575fd5a1c0476568485169d9eb855a614711bfdc9e84e85336ecdaa5e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:13 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=86400
content-length
6640
x-mnet-hl2
E
expires
Sat, 28 Sep 2019 08:21:13 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Sat, 28 Sep 2019 08:21:13 GMT
null
d.pub.network/rfm/cookie/ 		3 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/rfm/cookie/null
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:13 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
classification
d.pub.network/ 		3 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/classification?siteId=640&pageUrl=https://secure.tagged.com/phished.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:13 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:04:50 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
age
1054
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA56
x-amz-cf-id
EqSP30QATnpqXLlpeLsak05FUoyqUVlFZ6mb6hmS4m9I1Pdd3NehLw==
via
1.1 852d9d8bb32e82e505d63b5dd4b1e6e1.cloudfront.net (CloudFront)
rules-p-96ZHBHvG56-qg.js
rules.quantcount.com/ 		3 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-96ZHBHvG56-qg.js
Requested by
Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 May 2019 00:09:03 GMT
via
1.1 852d9d8bb32e82e505d63b5dd4b1e6e1.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:15:51 GMT
server
AmazonS3
age
29411
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
3
x-amz-cf-id
IYl4cfBFxZCAv0-5VMqoU8Y2iuJpqWXhpLM6Fnm7vLTl9zREWXtWdQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=35114e7dd0e8a8c6f4e47b7ce8047a7551359a8a&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Ph...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=35114e7dd0e8a8c6f4e47b7ce8047a7551359a8a&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20P...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=35114e7dd0e8a8c6f4e47b7ce8047a7551359a8a&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=35114e7dd0e8a8c6f4e47b7ce8047a7551359a8a&ns__t=1569572473634&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&c9=
Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
/
secure.tagged.com/api/ 		254 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.tagged.com/api/?application_id=user&format=JSON
Requested by
Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
bb166a403ba76f8a252da1795527c8f823091d1b06449e00f6645ecfef27e73e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.tagged.com/phished.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=300
Content-Length
211
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
secure.tagged.com/api/ 		2 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.tagged.com/api/?application_id=user&format=JSON
Requested by
Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
b58adf88183b7502871ca49f66bda1e6701bb763ed093b87446219ce2e2ab2c6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.tagged.com/phished.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=300
Content-Length
564
Expires
Thu, 19 Nov 1981 08:52:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6076 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUudGFnZ2VkLmNvbTo0NDM.&hl=en&v=Zy-zVXWdnDW6AUZkKlojAKGe&size=normal&cb=i4rukfyi8j1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uSQIu0bgzdlIdoLad8qz8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUudGFnZ2VkLmNvbTo0NDM.&hl=en&v=Zy-zVXWdnDW6AUZkKlojAKGe&size=normal&cb=i4rukfyi8j1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 27 Sep 2019 08:21:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-uSQIu0bgzdlIdoLad8qz8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9337
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pixel;r=1733188957;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html;fpan=1;fpa=P0-2077789609-1569572473660;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1...
pixel.quantserve.com/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1733188957;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html;fpan=1;fpa=P0-2077789609-1569572473660;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1569572473659;tzo=-120;ogl=
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.152 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=789302887;rf=0;uh=31f5842d05e0;a=p-96ZHBHvG56-qg;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html;fpan=0;fpa=P0-2077789609-1569572473660;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=...
pixel.quantserve.com/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=789302887;rf=0;uh=31f5842d05e0;a=p-96ZHBHvG56-qg;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html;fpan=0;fpa=P0-2077789609-1569572473660;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1569572473660;tzo=-120;ogl=
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.152 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:13 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
checksync.php
hbx.media.net/ Frame 54EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=secure.tagged.com&version=&https=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
hbx.media.net
:scheme
https
:path
/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 30 Mar 2020 08:21:13 GMT; domain=.media.net; Path=/; visitor-id=2125740732777489000V10; Expires=Sat, 26 Sep 2020 08:21:13 GMT; domain=.media.net; Path=/;
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=27592
expires
Fri, 27 Sep 2019 16:01:05 GMT
date
Fri, 27 Sep 2019 08:21:13 GMT
content-length
6515
bframe
www.google.com/recaptcha/api2/ Frame 7762 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Zy-zVXWdnDW6AUZkKlojAKGe&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=8ukvqe26b0lu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EAVOGf43iNgNmegAjob4FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=Zy-zVXWdnDW6AUZkKlojAKGe&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=8ukvqe26b0lu
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 27 Sep 2019 08:21:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-EAVOGf43iNgNmegAjob4FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1136
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
fbevents.js
connect.facebook.net/en_US/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
WxJ/m2vxjxe7mUgCsQzSsBfbudBj55hlmqDgrHwPwi3MKnAMJT0SwmZ7br7WxsqVrQLy/vYaP+l5f3t4h5BTrQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Fri, 27 Sep 2019 08:21:13 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
134240187179576
connect.facebook.net/signals/config/ 		307 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/134240187179576?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c33b559368969ef8c79d2a6a9e5deedf6dc4eae13111a5dca2ed6fdc399d233f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79752
x-xss-protection
0
pragma
public
x-fb-debug
u0zkV/GxQLGpC/z/V8AEMcW2j5rD8xsKNpLU/674MILuGuzGZ7tLryk+a69maAYeQqyCTrT2fHf874LBElRowg==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Fri, 27 Sep 2019 08:21:13 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
8ngNoGbQHAZ1qXY/AY9rfwwkTAAQnAXrzUcLHgWbKLfJVSpLOjBvYCWnMU73HtYPJv0k7VdpW4r9PelPqLglFg==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Fri, 27 Sep 2019 08:21:13 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&rl=&if=false&ts=1569572473998&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569572473997.1374946777&it=1569572473961&coo=false&rqm=GET
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 27 Sep 2019 08:21:14 GMT
/
www.facebook.com/tr/ 		44 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&rl=&if=false&ts=1569572473999&cd[freestar]=728787f7-fe0b-43a3-958f-1a0103c29180&cd[client]=423&cd[site]=640&cd[page]=0c227285bece9af8d8d1f2b5c6140e85&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569572473997.1374946777&it=1569572473961&coo=false&rqm=GET
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 27 Sep 2019 08:21:14 GMT
c
c.pub.network/ 		36 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
097b94ade0a94776b736aa479326d05e5178778eba24fd3dfcedc761b3bc4448

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:14 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
bid
c.amazon-adsystem.com/e/dtb/ 		47 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&pid=2825290643251569572473433&cb=1815913570731569572474346&ws=1600x1200&v=7.36.03&t=1000&slots=%5B%7B%22sd%22%3A%22Tagged_970x90_728x90_320x100_300x250_320x50_top%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2FTagged_970x90_728x90_320x100_300x250_320x50_top%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
Server /
Resource Hash
daf1c22d2fee7ed2551291add9b0d062a3d2b7c2ebfc7043e39f2d95d134c95a

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:14 GMT
via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA53-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://secure.tagged.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
47
x-amz-cf-id
kQwK5IiDafojKf43f5kIlbpjBXjZGK8rqxJfqMw8FNBjjWQ8kenhKA==
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
600e370155fdbb4db1f4628ff3141d2107264cd34148c63c632063aefbeb05e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:16 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.173:80
AN-X-Request-Uuid
dd3622e3-6dc6-45f2-b873-d07919afbae1
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://secure.tagged.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		24 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=337556&v=7.2&r=%7B%22id%22%3A%22336004038a7161%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224728b8256fbf23%22%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22id%22%3A%225931dafaf2c9f3%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22616dbdbee9b0df%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsecure.tagged.com%2Fphished.html%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
505b18f3d483c08e0f61f4d0f3347afb028990a5ce4e234f462b31636b2e9fda

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://secure.tagged.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Fri, 27 Sep 2019 08:21:14 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 27 Sep 2019 08:21:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://secure.tagged.com
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=15&wv=1.32.0&cb=77436339160
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secure.tagged.com
date
Fri, 27 Sep 2019 08:21:13 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
v1
btlr.sharethrough.com/header-bid/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/header-bid/v1?bidId=14c2660d7fc9ba3&placement_key=iPdrUBUGYPkm5Kn2WygXeWhW&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.77.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-77-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
prebid_display
display.bfmio.com/ 		136 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.175.5 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-225-175-5.compute-1.amazonaws.com
Software
/
Resource Hash
12410ac3f1cd3dca3005d1ad50e6bb449deaa0f0286ee507822886df88109641
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://secure.tagged.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
144
v2
i.connectad.io/api/ 		96 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a372ce982acbeb09c86990c5f7ba1c309972e10b45c90050ea86ed9b37e4f499

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 Sep 2019 08:21:14 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://secure.tagged.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
51cc101cfbc18c6e-VIE
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ 		101 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eb0ae15f1134fd464c279ecd539f2e4681613c782a3f0d23f5bd1be5d3a0ad5c

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 08:21:14 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://secure.tagged.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		101 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=false&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.147.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-147-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2f07c94e2fc36e10ee3427daceb8109592ef4fca2f49a4507f4eaf43b6ea71f6

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 08:21:14 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://secure.tagged.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
mvo
tag.1rx.io/rmp/81609/0/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/81609/0/mvo?z=1r&domain=secure.tagged.com&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&title=(8)%20Account%20Phished%20-%20Tagged&dsh=1200&dsw=1600&tz=-120&dtype=2&flash=0&hbv=1.32%2C1.0.1&imp=Tagged_970x90_728x90_320x100_300x250_320x50_top&w=468%7C728%7C970&h=60%7C90%7C90&floor=0&t=d&gdpr_consent=&gdpr=false&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.44.181.100 , United States, ASN4989 (YUMESJDC01 - YUME, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:14 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
v1
dmx.districtm.io/b/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Sep 2019 08:21:14 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://secure.tagged.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
51cc101dcb5cc29a-FRA
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ 		19 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:16 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.15:80
AN-X-Request-Uuid
93c5880f-90eb-40fa-8512-dec15e5b8e26
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://secure.tagged.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1101098&size_id=2&alt_size_ids=1%2C55&p_pos=unknown&gdpr=0&rf=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&tk_flint=pbjs_lite_v1.32.0&x_source.tid=f9de94c8-fd22-4628-bddd-52f47a5b48c7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.165210777884647
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
acc59a641567203b1872b46f7beebc94f664ab61faaf087803707465c29f6223

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:14 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://secure.tagged.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=361
Content-Length
262
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
freestar-d.openx.net/w/1.0/ 		174 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=f9de94c8-fd22-4628-bddd-52f47a5b48c7&nocache=1569572474362&gdpr_consent=&gdpr=0&pubcid=791cdf71-f4aa-4486-9bb7-c76d09d5e832&aus=468x60%2C728x90%2C970x90&divIds=Tagged_970x90_728x90_320x100_300x250_320x50_top&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
bce9acf470fcb9d298a12ac6b15edfec9288289a53bd202fd621cec7a9b59ba5

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 08:21:14 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://secure.tagged.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1500&ts=1569572474362
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 27 Sep 2019 08:21:13 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://secure.tagged.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
qchb
qcx.quantserve.com/ 		66 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qcx.quantserve.com:8443/qchb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.228.72.18 , United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
11092ae50b8d3a7832a8db4fbb2c8c62ee2b90d08ad1ab80e24418392e0b8f7d

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://secure.tagged.com
cache-control
no-cache
access-control-allow-credentials
true
connection
keep-alive
content-length
89
qchb
qcx.quantserve.com/ 		66 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qcx.quantserve.com:8443/qchb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.228.72.18 , United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
6dcc2dd27ae0c5148ccd33717b204c5d831c2ca6d743759f0a74c622dd80c190

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://secure.tagged.com
cache-control
no-cache
access-control-allow-credentials
true
connection
keep-alive
content-length
89
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2291548910812605&correlator=497946809424724&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&eid=370204027&vrg=2019091901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190927&iu_parts=15184186%2CTagged_970x90_728x90_320x100_300x250_320x50_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1569572474&dt=1569572474992&dlt=1569572472621&idt=777&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=52&adks=667755078&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&dssz=48&icsg=549766823936&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x70&msz=1600x60&ga_vid=462560980.1569572475&ga_sid=1569572475&ga_hid=826641119&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
55b26302f9aafdf9317af248651a2bc55a9f7ab0f044e172084488bff6b42320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9675
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://secure.tagged.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019091901.js
securepubads.g.doubleclick.net/gpt/ 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
a29b20518a3bb583278ebb330cba43e072795b7009b39f3479819d00f0833064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 13:07:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24151
x-xss-protection
0
expires
Fri, 27 Sep 2019 08:21:15 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
/
secure.tagged.com/api/ 		69 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.tagged.com/api/?application_id=user&format=JSON
Requested by
Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US),
Reverse DNS
Software
Apache /
Resource Hash
a661959569ee0c29d43734874e5bdf9df08a15ba4e926ffd76505f46d9513df6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.tagged.com/phished.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 27 Sep 2019 08:21:15 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=300
Content-Length
80
Expires
Thu, 19 Nov 1981 08:52:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011909181902540/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909181902540/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
99414220021bb56c0201b0c8d95970a421d014ed6610f2bf416b971baa40c7d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"0fa2032ad0f7908c"
age
247843
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
date
Tue, 24 Sep 2019 11:30:32 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 23 Sep 2020 11:30:32 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011909181902540/ Frame 22A5 		254 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909181902540/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d1405d5cf8a5933bcd3f57cd4d97a5fa56722c0e5aaf7f230fc2cc8c9f493ca3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"f5446a6e8dfc18f5"
age
220726
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70316
x-xss-protection
0
server
sffe
date
Tue, 24 Sep 2019 19:02:29 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 23 Sep 2020 19:02:29 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011909181902540/v0/ Frame 22A5 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909181902540/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6820a56cd0229c637b350e813a2fd76fa8fbf104cb1ae42cc212aaca4ef8a299
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"4ffae9726d279cf6"
age
223484
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5406
x-xss-protection
0
server
sffe
date
Tue, 24 Sep 2019 18:16:31 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 23 Sep 2020 18:16:31 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909181902540/v0/ Frame 22A5 		149 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909181902540/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4880034111d77dd8abc4a114cd181ea3e161e8874c87ad262ffd88f6e5a7f788
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"df92f5c7e66612ae"
age
582867
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40723
x-xss-protection
0
server
sffe
date
Fri, 20 Sep 2019 14:26:48 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 19 Sep 2020 14:26:48 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011909181902540/v0/ Frame 22A5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909181902540/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
439d582bf906423197da99c1eb9d28d7d93d1a626214b340ca272d7ffd79a043
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"c5e15378d8a06797"
age
223484
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1399
x-xss-protection
0
server
sffe
date
Tue, 24 Sep 2019 18:16:31 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 23 Sep 2020 18:16:31 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011909181902540/v0/ Frame 22A5 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909181902540/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba7a66b90e685028b218d0448d7d78bfbc6079131079e5fd677c26f4d2d9602
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"d408cd968418939b"
age
627554
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13912
x-xss-protection
0
server
sffe
date
Fri, 20 Sep 2019 02:02:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Sat, 19 Sep 2020 02:02:01 GMT
truncated
/ Frame 22A5 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d83f45dce390d3a06a53792d0626a0e5f9fa4b622f77c0a0b49abdb964807ace

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
13654200393257019493
tpc.googlesyndication.com/simgad/ Frame 22A5 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13654200393257019493
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6567df69dced3a3a2afc10a22bea324b45144803c64a165368155fecd9aef1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Sep 2019 06:00:01 GMT
x-content-type-options
nosniff
age
354074
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36030
x-xss-protection
0
last-modified
Tue, 30 Jul 2019 08:23:19 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Sep 2020 06:00:01 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 22A5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 26 Sep 2019 20:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
40887
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 27 Sep 2019 20:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 22A5 		295 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 26 Sep 2019 22:36:03 GMT
x-content-type-options
nosniff
server
cafe
age
35112
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 27 Sep 2019 22:36:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 22A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTUSHe8aNXYToAsmWgAfn9q64D9KolOJXuZOrjZoKmNiYlJUXEAEg2tfFOWCVAqAB_dGx8wLIAQOpAuIYN8VjU7I-4AIAqAMByAMIqgTLAU_Q23iwKAQ4YIDz73Ofudr-lExKMHsZ7DLk5UDoU2sZiPxEg5ubI2s5LPsJFnmUc4suBaVrGRDw9vXoXpAKsDmiItxfZK67ra75ofJ0Kq-3SE3kPVTY2-2wepPZ0soXPAIE79zh2nooXNMjxBY2_ZQKzoDYcAKLHhX0n-ecNSoYhwn--A18U6tAuBs6U-f8V6sovCMeRl2l44J1XS9uMQyY8jn2_PGBN6ntwRK0LgKtfKWp8OVai-jRxFn09nc9eLqpRWsxWd9tkUKn4AQBoAYDgAfrrc6MAagHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBCVvwbSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTcxMjExOTc0MDQyOTE2MzSACgPYEwM&sigh=yTWmtr01ZTQ&tpd=AGWhJmtKtWyO4pVTsOqT9THlS2mHPsnX3_70DamSiByBE1Goxg
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 22A5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Fri, 27 Sep 2019 08:21:15 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=Microdata&dl=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&rl=&if=false&ts=1569572475500&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(8)%20Account%20Phished%20-%20Tagged%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1569572473997.1374946777&it=1569572473961&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 27 Sep 2019 08:21:15 GMT
c
c.pub.network/ 		36 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
98dace446fa9f7131fd284be5488830eaa517e0b5b9db35fe7fdaaf1647a839f

Request headers

Sec-Fetch-Mode
cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://secure.tagged.com
Date
Fri, 27 Sep 2019 08:21:15 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cff053fc5593a79e8bf38632ee37f2f135ae8358a1d1a1d71ae403c67b9377af

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Sep 2019 08:21:15 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 16:58:53 GMT
server
nginx
etag
W/"5d8110cd-aa08"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 28 Sep 2019 08:21:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 22A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_lMPe8aNXYToAsmWgAfn9q64D9KolOJXuZOrjZoKmNiYlJUXEAEg2tfFOWCVAqAB_dGx8wLIAQOpAuIYN8VjU7I-4AIAqAMBqgTLAU_Q23iwKAQ4YIDz73Ofudr-lExKMHsZ7DLk5UDoU2sZiPxEg5ubI2s5LPsJFnmUc4suBaVrGRDw9vXoXpAKsDmiItxfZK67ra75ofJ0Kq-3SE3kPVTY2-2wepPZ0soXPAIE79zh2nooXNMjxBY2_ZQKzoDYcAKLHhX0n-ecNSoYhwn--A18U6tAuBs6U-f8V6sovCMeRl2l44J1XS9uMQyY8jn2_PGBN6ntwRK0LgKtfKWp8OVai-jRxFn09nc9eLqpRWsxWd9tkUKn4AQBoAYDgAfrrc6MAagHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBCVvwbSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTcxMjExOTc0MDQyOTE2MzSACgPYEwM&sigh=lJOrZcecgXU&vt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 22A5 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv0jxe9CMDxedW6WVBZgsPy-R4mEtnlmoMfngfjC3zbkzcT3cfO0d4qhuGkUn4MLAmUxPwV0UQzQxGka82RuAnl9SSLb2BUhEPFO-0W2oFt_QEqjpzoQ&sai=AMfl-YQGdjh8ismorT6A7qWw4Hwgk7Vd0apWvDVQ7bKNJbXfIvdfmGg68vmXYbXKZSIlhBBQtjRRpQs4e8kzsI3hyWGLUMit65D36WeqwLyd&sig=Cg0ArKJSzGY1o26GTqJ0EAE&id=ampim&o=436,52&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=64&tls=1064&g=100&h=100&pt=174&tt=1064&rpt=174&rst=1569572475324&r=v&adk=667755078&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Sep 2019 08:21:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.districtm.io/ids/ Frame 10FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
date
Fri, 27 Sep 2019 08:21:21 GMT
content-type
text/html
set-cookie
__cfduid=dea5fd2033037a6fbb203e9ef55a07be31569572481; expires=Sat, 26-Sep-20 08:21:21 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51cc10465a85c29a-FRA
content-encoding
br
Cookie set check.html
biddr.brealtime.com/ Frame 2972 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Date
Fri, 27 Sep 2019 08:21:21 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8d914b0ac9dfea26191149c4aa9f7f411569572481; expires=Sat, 26-Sep-20 08:21:21 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2
3IwkJK8GogvoEF3WefQEyyURp0aEzmw/nukDb0ZbS78YHtXI3ABUJ7MlLn0FfSZKe4GdghcSekU=
x-amz-request-id
3101841DB81139F6
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Age
1250
Expires
Fri, 27 Sep 2019 08:22:21 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
51cc10468aa3c2b8-FRA
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 36DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 27 Sep 2019 08:21:21 GMT
Age
4487966
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 2217945
X-Timer
S1569572481.029068,VS0,VE0
Vary
Accept-Encoding
Cookie set sync_iframe
sync.bfmio.com/ Frame AC89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Freestar+-+Header+Bidding+-+Display&gdpr=0&gc=&gce=1&cb=1569572474699
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.28.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-201-28-105.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 27 Sep 2019 08:21:21 GMT
Set-Cookie
__io_cid=11cfb9600c9eeabc06d99c00dea0fd4dc7843b35; Domain=.bfmio.com; Expires=Sat, 26-Sep-2020 08:21:21 GMT; Path=/
Content-Length
217
Connection
keep-alive
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 83D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=20806
Expires
Fri, 27 Sep 2019 14:08:07 GMT
Date
Fri, 27 Sep 2019 08:21:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B1D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 25 Sep 2019 17:59:19 GMT
Content-Encoding
gzip
Content-Length
7692
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=30394
Expires
Fri, 27 Sep 2019 16:47:55 GMT
Date
Fri, 27 Sep 2019 08:21:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A104 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://secure.tagged.com/phished.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 27 Sep 2019 08:21:21 GMT
Age
4487966
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 2217946
X-Timer
S1569572481.035108,VS0,VE0
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame F3D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8528 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
date
Fri, 27 Sep 2019 08:21:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7f765fa56012233b3c53f218f0c88f021569572481; expires=Sat, 26-Sep-20 08:21:21 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
555
expires
Fri, 27 Sep 2019 16:21:21 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
51cc10467e888c6e-VIE
content-encoding
gzip
pd
eu-u.openx.net/w/1.0/ Frame DE31
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://secure.tagged.com/phished.html
accept-encoding
gzip, deflate, br
cookie
i=08e63019-2d3e-02bf-3094-3ca82f8cfabd|1569572481
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://secure.tagged.com/phished.html

Response headers

status
200
vary
Accept
set-cookie
i=08e63019-2d3e-02bf-3094-3ca82f8cfabd|1569572481; Version=1; Expires=Sat, 26-Sep-2020 08:21:21 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1569572481|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 12-Oct-2019 08:21:21 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 27 Sep 2019 08:21:21 GMT
content-type
text/html
content-length
862
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=08e63019-2d3e-02bf-3094-3ca82f8cfabd|1569572481; Version=1; Expires=Sat, 26-Sep-2020 08:21:21 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
date
Fri, 27 Sep 2019 08:21:21 GMT
content-length
0
via
1.1 google
alt-svc
clear
audit
hbevents.1rx.io/ 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbevents.1rx.io/audit?bidder_version=1.0.1.0&doc_type=Prebid%20Audit&doc_version=1&framed=0&gdpr=false&gdpr_consent=&placement_codes=Tagged_970x90_728x90_320x100_300x250_320x50_top&placement_id=81609&popped=0&prebid_version=1.32.0&response_ms=647&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.40.206 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-214-40-206.us-west-2.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:21 GMT
Content-Encoding
gzip
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
X-Powered-By
PHP/5.5.9-1ubuntu4.21
Content-Length
20
Content-Type
text/html
1x1.gif
s3.amazonaws.com/brt-appnexus-cookie-sync/
Redirect Chain
  • https://edba.brealtime.com/
  • https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.179.93 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://secure.tagged.com/phished.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 27 Sep 2019 08:21:22 GMT
Last-Modified
Fri, 10 Nov 2017 21:53:47 GMT
Server
AmazonS3
x-amz-request-id
BFF7C9CF31E32D29
ETag
"d89746888da2d9510b64a9f031eaecd5"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
42
x-amz-id-2
ogFF+5p1Fh/kRZnfCgVL/20I/1Dm2g30uTcenpgP3zwJNBp+m4+D+YY8uJvpfr/CY5bKDNSSN/0=

Redirect headers

Date
Fri, 27 Sep 2019 08:21:21 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Location
https://s3.amazonaws.com/brt-appnexus-cookie-sync/1x1.gif
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
51cc10468e80d72d-FRA
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| pageNow object| YAHOO undefined| D undefined| E undefined| H function| $ function| jQuery object| test object| TAGGED object| tagged object| freestar object| dataLayer object| googletag object| RecaptchaOptions object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| formatStuff function| P function| fbAsyncInit object| google_tag_manager string| GoogleAnalyticsObject function| ga object| FB object| recaptcha object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _ object| fsdata function| load_script object| pbjs object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken undefined| google_measure_js_timing object| apstag boolean| google_noFetch number| __google_ad_urls_id boolean| apstagLOADED function| str_repeat function| sprintf function| vsprintf function| ClickLogger function| io object| Backbone object| Nav function| moment function| Big function| pbjsChunk object| __core-js_shared__ function| JSEncrypt object| _qevents object| advBidxc object| _comscore function| quantserve function| __qc object| ezt object| _qoptions function| udm_ object| ns_p object| COMSCORE object| freestarSlotIds object| freestarNewAdSlots undefined| args object| closure_lm_392381 function| _mR function| _mD function| fbq function| _fbq object| Criteo number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| criteo_pubtag

2 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0ZCUioZrlPZhsfECS..BdjcZ6...1.0.BdjcZ6.
.tagged.com/ Name: _fbp
Value: fb.1.1569572473997.1374946777

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/011909181902540/amp4ads-v0.js(Line 529)
Message:
Powered by AMP ⚡ HTML – Version 1909181902540 https://secure.tagged.com/phished.html
console-api warning URL: https://cdn.ampproject.org/rtv/011909181902540/amp4ads-v0.js(Line 7)
Message:
[amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C_lMPe8aNXYToAsmWgAfn9q64D9KolOJXuZOrjZoKmNiYlJUXEAEg2tfFOWCVAqAB_dGx8wLIAQOpAuIYN8VjU7I-4AIAqAMBqgTLAU_Q23iwKAQ4YIDz73Ofudr-lExKMHsZ7DLk5UDoU2sZiPxEg5ubI2s5LPsJFnmUc4suBaVrGRDw9vXoXpAKsDmiItxfZK67ra75ofJ0Kq-3SE3kPVTY2-2wepPZ0soXPAIE79zh2nooXNMjxBY2_ZQKzoDYcAKLHhX0n-ecNSoYhwn--A18U6tAuBs6U-f8V6sovCMeRl2l44J1XS9uMQyY8jn2_PGBN6ntwRK0LgKtfKWp8OVai-jRxFn09nc9eLqpRWsxWd9tkUKn4AQBoAYDgAfrrc6MAagHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBCVvwbSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTcxMjExOTc0MDQyOTE2MzSACgPYEwM&sigh=lJOrZcecgXU&vt=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
as-sec.casalemedia.com
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn.ampproject.org
cdn.connectad.io
cdn.districtm.io
connect.facebook.net
d.pub.network
display.bfmio.com
dmx.districtm.io
edba.brealtime.com
edge.quantserve.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
freestar-d.openx.net
g2.gumgum.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbevents.1rx.io
hbopenbid.pubmatic.com
hbx.media.net
i.connectad.io
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
qcx.quantserve.com
rules.quantcount.com
s3.amazonaws.com
sb.scorecardresearch.com
secure-static.tagged.com
secure.quantserve.com
secure.tagged.com
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
sync.bfmio.com
tag.1rx.io
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tagged.com
www.taggedmail.com
104.109.78.125
104.16.190.66
104.17.120.107
135.84.35.166
135.84.35.171
143.204.211.231
151.101.113.108
172.217.16.162
172.217.22.98
178.250.0.130
178.250.2.152
18.196.104.43
185.33.223.221
185.64.189.112
2.18.233.180
2.18.234.21
2.18.235.93
2.19.43.224
2600:9000:20bb:f400:6:44e3:f8c0:93a1
2606:4700:10::6814:8528
2606:4700:20::6819:bf72
2a00:1450:4001:808::2002
2a00:1450:4001:814::2008
2a00:1450:4001:815::200e
2a00:1450:4001:817::200a
2a00:1450:4001:818::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:820::2004
2a00:1450:4001:824::2001
2a00:1450:4001:824::2002
2a00:1450:4001:824::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.225.175.5
34.95.120.147
35.156.77.44
35.188.71.214
35.226.36.58
52.201.28.105
52.216.179.93
54.214.40.206
54.77.147.35
69.173.144.141
8.44.181.100
91.228.72.18
91.228.74.152
91.228.74.165
91.228.74.176
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04a69afd5ce2f8fd4d8f5f80f1dc6f3a9d5256aafac35148a67c08f29f171df0
097b94ade0a94776b736aa479326d05e5178778eba24fd3dfcedc761b3bc4448
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11092ae50b8d3a7832a8db4fbb2c8c62ee2b90d08ad1ab80e24418392e0b8f7d
12410ac3f1cd3dca3005d1ad50e6bb449deaa0f0286ee507822886df88109641
12c39f120d48d6ccb052d5f420b257d17924faf852cbc24d94739a661b2adc42
13e172e1fd934c9acf7cfbacb8431462649b79be7554cbd209cd0aa3115dd00a
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1649d4b9bdc31e9d7f6f96ce093ac3c8b35545192500835c1056cc00cdc45d94
1755c07b1340a87f8ad0f68fed664e8bc365ebe485ec52d1287afe438feab720
17f11260e32fe25cb8c572482f049be5901fb39f26fdacfeca588c8e8f5e3c25
1aba5b8575fd5a1c0476568485169d9eb855a614711bfdc9e84e85336ecdaa5e
2544182fb9a0a2f65dac966c91bcbcb8239798c4c5d8278f0fd6d9f4056d301e
2ea5176ebad3dd6ad56ba98a4600772d22227ae6778021603d645ef0c7e37d14
2f07c94e2fc36e10ee3427daceb8109592ef4fca2f49a4507f4eaf43b6ea71f6
33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad
35ca40cd00ec12c376791e23fe8e95b1bff7fcb786bcc1d23bfa524d022b95cb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a78671832e9a7e505fd07ed7b216bc7f1aa12a1a19dd7ded1943324d59eb42b
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
439d582bf906423197da99c1eb9d28d7d93d1a626214b340ca272d7ffd79a043
4880034111d77dd8abc4a114cd181ea3e161e8874c87ad262ffd88f6e5a7f788
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c
505b18f3d483c08e0f61f4d0f3347afb028990a5ce4e234f462b31636b2e9fda
55b26302f9aafdf9317af248651a2bc55a9f7ab0f044e172084488bff6b42320
587cdc48d51a7732ad2019d0d9099c3d1c50ecbc25083cb607db301422373df1
5ba7a66b90e685028b218d0448d7d78bfbc6079131079e5fd677c26f4d2d9602
600e370155fdbb4db1f4628ff3141d2107264cd34148c63c632063aefbeb05e8
66eac04061769ec2eebc3f5294298b7ee7536ef73a3cff788e1cfbd7d460f3e2
6820a56cd0229c637b350e813a2fd76fa8fbf104cb1ae42cc212aaca4ef8a299
69bfe4c7727e5ae4b1d3985caad51225d832445b6988fb0998770d7c792e1009
6b09d83626a27d49a45ee68dd87753fc36a2cb751d525462ab258d7cfd724701
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
6dcc2dd27ae0c5148ccd33717b204c5d831c2ca6d743759f0a74c622dd80c190
78e12244ace6ae3034007123a5b1d63542e8b1a94d268b77298f3b214e9482e3
7eef757b4075316d57944a1e25b9d9e64725f16a61479ebd3fd75918c17c44ae
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
9812e589715797455dcf2ae2b95ba47955d148d7efafebf174a166d99e0dcac7
98dace446fa9f7131fd284be5488830eaa517e0b5b9db35fe7fdaaf1647a839f
98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2
99414220021bb56c0201b0c8d95970a421d014ed6610f2bf416b971baa40c7d5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a29b20518a3bb583278ebb330cba43e072795b7009b39f3479819d00f0833064
a372ce982acbeb09c86990c5f7ba1c309972e10b45c90050ea86ed9b37e4f499
a661959569ee0c29d43734874e5bdf9df08a15ba4e926ffd76505f46d9513df6
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
acc59a641567203b1872b46f7beebc94f664ab61faaf087803707465c29f6223
b3b9428f3b3cea55353631b0e59124b224abff8205c5e008ce7dd3df64beda91
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b58adf88183b7502871ca49f66bda1e6701bb763ed093b87446219ce2e2ab2c6
b6e4c223be8af717e51af2d91ea34a7cf4be4335fa46bfa933f16c34202bdcc5
b90f6aec3527b7db9b1f02b9cb821a23aaf6f3f8136b1029a736531f820d6afa
b95cabafcf9ef68db4877eaa8dd3672c8d0ecb1cded2fa380f0f594f5ebafbf4
bb166a403ba76f8a252da1795527c8f823091d1b06449e00f6645ecfef27e73e
bce9acf470fcb9d298a12ac6b15edfec9288289a53bd202fd621cec7a9b59ba5
c33b559368969ef8c79d2a6a9e5deedf6dc4eae13111a5dca2ed6fdc399d233f
c77635c1d346c5471d294f59d0c4ef11f71c21f94e82087cbd99984c9aaa3cda
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cda9cea3cb161d760e1b0d9cbf370b97842471d7df265f3f31234bf16581ebc1
cff053fc5593a79e8bf38632ee37f2f135ae8358a1d1a1d71ae403c67b9377af
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d1405d5cf8a5933bcd3f57cd4d97a5fa56722c0e5aaf7f230fc2cc8c9f493ca3
d7bb4911d3c669ad53701bf5223261d8c01d1f435fe7245e6d791f357b070b6f
d80e5839d198279a97915c6ca1069c537210b27ab7327b12aca428639134e0c9
d83f45dce390d3a06a53792d0626a0e5f9fa4b622f77c0a0b49abdb964807ace
daf1c22d2fee7ed2551291add9b0d062a3d2b7c2ebfc7043e39f2d95d134c95a
db1b7df84644392f2ec2e4d7499c2ca1d7f4cde9f6fba0c7a778a97e18b3e805
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85be082883035d0bd23d3b6f8677291b3ae0222692d3e6109309bc30c41074e
e88fb85018e41011e1a49b53734c086e1859627a01d6b36afad7b3f8ae6c68b2
ea55489a5a88e01c3b3c70777df6747d0b7b415717721f6ba59ed87cf487bd80
eb0ae15f1134fd464c279ecd539f2e4681613c782a3f0d23f5bd1be5d3a0ad5c
ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe5376f6eba8ac2fe298720db0b8323f8eae62a798ca0809325663fbcf0084d
f6567df69dced3a3a2afc10a22bea324b45144803c64a165368155fecd9aef1c