xn--gemin-xsa.site (Punycode)
geminì.site (IDN)
51.77.42.125 (Public Scan)

Submitted URL: http://xn--gemin-xsa.site/
Effective URL: https://xn--gemin-xsa.site/
Submission: On June 03 via api from DE

Summary

This website contacted 22 IPs in 7 countries across 14 domains to perform 67 HTTP transactions. The main IP is 51.77.42.125, located in Warsaw, Poland and belongs to OVH, FR. The main domain is xn--gemin-xsa.site.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 31st 2019. Valid for: 3 months.
This is the only time xn--gemin-xsa.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 51.77.42.125 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 172.217.22.2 15169 (GOOGLE)
4 2600:1901:0:2... 15169 (GOOGLE)
2 99.86.1.198 16509 (AMAZON-02)
2 37.252.161.184 29990 (ASN-APPNEXUS)
1 37.252.173.22 29990 (ASN-APPNEXUS)
1 104.75.173.78 16625 (AKAMAI-AS)
1 52.94.220.16 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 185.80.38.183 27381 (CASALE-MEDIA)
2 14 37.157.6.246 198622 (ADFORM)
8 37.157.6.234 198622 (ADFORM)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.233.155.168 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.230.142 16625 (AKAMAI-AS)
2 151.101.37.108 54113 (FASTLY)
1 2 173.241.240.143 36089 (OPENX-AS1)
67 22
Domain | Requested by
14 track.adform.net, 2 redirects | www.astrology-zodiac-signs.com, s1.adform.net, xn--gemin-xsa.site
8 cdn.bannerflow.com | xn--gemin-xsa.site, cdn.bannerflow.com
8 s1.adform.net | track.adform.net, s1.adform.net, xn--gemin-xsa.site
5 securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, xn--gemin-xsa.site
5 www.googletagservices.com | xn--gemin-xsa.site, securepubads.g.doubleclick.net
5 xn--gemin-xsa.site, 1 redirects | xn--gemin-xsa.site
4 www.astrology-zodiac-signs.com | xn--gemin-xsa.site
2 u.openx.net, 1 redirects | www.astrology-zodiac-signs.com
2 acdn.adnxs.com | www.astrology-zodiac-signs.com
2 pagead2.googlesyndication.com |
2 56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com | cdn.bannerflow.com
2 a3214.casalemedia.com | www.astrology-zodiac-signs.com
2 tpc.googlesyndication.com | securepubads.g.doubleclick.net
2 prebid.adnxs.com | www.astrology-zodiac-signs.com
2 c.amazon-adsystem.com | xn--gemin-xsa.site, c.amazon-adsystem.com
1 eus.rubiconproject.com | www.astrology-zodiac-signs.com
1 aax.amazon-adsystem.com | c.amazon-adsystem.com
1 as-sec.casalemedia.com | www.astrology-zodiac-signs.com
1 ib.adnxs.com | www.astrology-zodiac-signs.com
1 adservice.google.com | www.googletagservices.com
1 adservice.google.de | www.googletagservices.com
67 21

This site contains links to these domains.

Domain
www.facebook.com
twitter.com

Subject | Issuer | Validity | Valid
xn--gemin-xsa.site | Let's Encrypt Authority X3 | 2019-05-31 - 2019-08-29 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-05-14 - 2019-08-06 | 3 months
*.google.com | Google Internet Authority G3 | 2019-05-14 - 2019-08-06 | 3 months
*.astrology-zodiac-signs.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-27 - 2019-09-27 | a year
c.amazon-adsystem.com | Amazon | 2018-12-18 - 2019-11-21 | a year
prebid.adnxs.com | GeoTrust RSA CA 2018 | 2019-03-25 - 2021-05-20 | 2 years
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-05-08 - 2020-03-09 | 10 months
aax-eu.amazon-adsystem.com | Amazon | 2018-12-12 - 2019-12-10 | a year
tpc.googlesyndication.com | Google Internet Authority G3 | 2019-05-14 - 2019-08-06 | 3 months
*.casalemedia.com | Go Daddy Secure Certificate Authority - G2 | 2016-12-13 - 2019-12-13 | 3 years
track.adform.net | DigiCert SHA2 Secure Server CA | 2018-02-02 - 2019-10-02 | 2 years
ssl452962.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-02-08 - 2019-08-17 | 6 months
*.tracker.bannerflow.com | DigiCert SHA2 Secure Server CA | 2018-08-27 - 2020-08-31 | 2 years
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-02-13 - 2021-02-17 | 2 years
cdn.adnxs.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-16 - 2020-05-16 | a year
*.openx.net | DigiCert ECC Secure Server CA | 2019-02-08 - 2020-05-12 | a year

This page contains 16 frames:

Primary Page: https://xn--gemin-xsa.site/
Frame ID: 6B39460EEF6CB8B9F2FD634BE2C05057
Requests: 25 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstazeObKNRcq2ayqHqZGC-eBShp09MGgs02hWNnd8oPHmNvievoTyj79DvgX8kVVgZC5LQV14HPZf9oJS_5ITKYg35nGanWeMx3K2XxYG8M_F4H2yB1UQ4ToAH6ZhXq4YHFTc_oKU8WTMr4KPmY1Ox57qArVGdUisuvjI5lv2A-9TfXp2C8M6ztHraBmCECUXzQtOWwOzDCJeaGJ2Q176npLWpUCDLQtli6imHc9NBayEcMQAgd70BdYkFNhXvi4llwfWElgqCNgws&sai=AMfl-YTd6F6AuBo4bzHLrxyAdRuGqD1d8NjEtWzlM_MDRc9ljQbpFz00b7zYlUgAttq8fqQsWibjBns7Y8FpQKJPxsE2s9clQDkpDgrhYlYCdQ&sig=Cg0ArKJSzPNbBxHEEkSxEAE&urlfix=1&adurl=
Frame ID: BB060B6248277E1D0EA8921B9912F564
Requests: 12 HTTP requests in this frame

Frame: https://a3214.casalemedia.com/ifnotify?gdprconsent=1&c=EF5CD3&r=E607D08F&t=5CF4D4D5&u=X0VNeVBCRlJxczBfSEtpcFEySTVKdnA3&m=153cec0fc0974b5fef542d494d787c17&wp=2&aid=4BCE65464771DE43&tid=106A0&s=2E29B&cp=0.02&n=xn--gemin-xsa.site&pr=xx&epr=255c090b094d1b5
Frame ID: BA31FD2895E9555AD9DA77E9FD7D0273
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssozW_pb_c_7b5Qdf86ojRQgHY5fzuLvbBE3_slagXNtFKztJj2WovbKflwoYdFNbjW9ut-RKWLYineFnuMV_4ddNdcaqdgD919eVETx58WDTF7C9z9_rmZNTaDk0YBiVuIk8opYQ_ZbSR6on7vvubHNn0PomqxgvF0d7nFZ0GTAPicI7w3LqFnmp65kxLzZEtH68GXXWd18QOhzjklvjqjhJF37GvAF_lZGkRmrhLMwizHttXdWXCZRY9IEr-IEyWYKvkjXTnX4k8&sai=AMfl-YQCANoWpBBhzTBQ15xssAY5NKORbTbDPR2w1hDE-sphcYwqFuWRp7M0Ju_Gt2M0nPJFi0r9rnUkP8i6xMmhCUeOApcGZK079arxL4wmpQ&sig=Cg0ArKJSzAVaxe1zm-RYEAE&urlfix=1&adurl=
Frame ID: 1A74DC80724B63D848367AFB555E66F7
Requests: 12 HTTP requests in this frame

Frame: https://a3214.casalemedia.com/ifnotify?gdprconsent=1&c=EF5998&r=E607D090&t=5CF4D4D5&u=X0VNeVBCRlJxczBfSEtpcFEySTVKdnA3&m=7ef5461c7f513d18efabf5650e89c052&wp=2&aid=4BCE6546477181A1&tid=106A0&s=2E29C&cp=0.02&n=xn--gemin-xsa.site&pr=xx&epr=255c090b094d1b5
Frame ID: 77D363929063C9557AE72F944476AC87
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Frame ID: B1ADDCADEB6FAFA4EF493F7026ED9AB5
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/36063/6589398/6589398.js?ADFassetID=6589398&bv=257
Frame ID: 9D1E7BC665AE92F1DF8BF07A76B89D87
Requests: 5 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/36063/6589392/6589392.js?ADFassetID=6589392&bv=257
Frame ID: 815275B02E77CEDE6719A2C9F6E471B7
Requests: 5 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5cc04a0f49d4c7187426f973.1zT1uvSvaLSn.html?cb=636942890497006676&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3e1a4a4a06e4087319e%2522%252C%2522ad%2522%253A%25225cc04a0f49d4c7187426f974%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a0f49d4c7187426f973%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a0f49d4c7187426f973%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Frame ID: 10D38366AA4C54DC6D49229CA5D9BF7F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5cc04a0f49d4c7187426f973.html?cb=636942890483683649&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3e1a4a4a06e4087319e%2522%252C%2522ad%2522%253A%25225cc04a0f49d4c7187426f974%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a0f49d4c7187426f973%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a0f49d4c7187426f973%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Frame ID: 4BB4EB39B9FAB1C723B1DFFF1C05AE5C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5cc04a1149d4c7187426f9ce.LubbWyDWO9Lr.html?cb=636942890515498875&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3f4a4a4a06e408731a4%2522%252C%2522ad%2522%253A%25225cc04a1149d4c7187426f9cf%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a1149d4c7187426f9ce%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a1149d4c7187426f9ce%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Frame ID: 09D7FE04DC44CF5EB88223CF2720E575
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bannerflow.com/bf-banners/5cc04a1149d4c7187426f9ce.html?cb=636942890495185037&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3f4a4a4a06e408731a4%2522%252C%2522ad%2522%253A%25225cc04a1149d4c7187426f9cf%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a1149d4c7187426f9ce%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a1149d4c7187426f9ce%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Frame ID: 1055E57D0481C6C4A3DF2A8BD87797BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E104C59CDEAED55C9EBBD03B93BBC435
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: C16E015969488DCDC4E64CC89CA6163C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 0CB21D483D57FC78F0E8EEDC8660E33D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 63516C75747DE972138EDC818F865A38
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /pbjs/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Page Statistics

Requests: 67
HTTPS: 100 %
IPv6: 33 %
Domains: 14
Subdomains: 21
IPs: 22
Countries: 7
Transfer: 621 kB
Size: 1344 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--gemin-xsa.site/ HTTP 301
    https://xn--gemin-xsa.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 302
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 43
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 302
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 67
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn--gemin-xsa.site/
Redirect Chain
  • http://xn--gemin-xsa.site/
  • https://xn--gemin-xsa.site/
91 KB
91 KB
Document
General
Full URL
https://xn--gemin-xsa.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.77.42.125 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3145634.ip-51-77-42.eu
Software
nginx/1.14.1 /
Resource Hash
54fb738c38e621e6c99d7bc9ce25e6d9dcd4c5914f070a0000f7b7f6c5c36bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Host
xn--gemin-xsa.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.14.1
Date
Mon, 03 Jun 2019 08:05:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=31536000;

Redirect headers

Server
nginx/1.14.1
Date
Mon, 03 Jun 2019 08:05:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://xn--gemin-xsa.site:443/
libs.js
xn--gemin-xsa.site/
0
14 KB
Other
General
Full URL
https://xn--gemin-xsa.site/libs.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.77.42.125 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3145634.ip-51-77-42.eu
Software
nginx/1.14.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Purpose
prefetch
Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 08:05:41 GMT
Last-Modified
Fri, 31 May 2019 20:16:44 GMT
Server
nginx/1.14.1
ETag
"5cf18bac-3670"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13936
gpt.js
www.googletagservices.com/tag/js/
0
11 KB
Other
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Purpose
prefetch
Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"185 / 943 of 1000 / last-modified: 1559232341"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10462
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
libs.js
xn--gemin-xsa.site/
14 KB
14 KB
Script
General
Full URL
https://xn--gemin-xsa.site/libs.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.77.42.125 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3145634.ip-51-77-42.eu
Software
nginx/1.14.1 /
Resource Hash
972003052bb5f58479c1e40e1d9006328c9a84bd3682482a3a7b8640b2bd0b64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 08:05:41 GMT
Last-Modified
Fri, 31 May 2019 20:16:44 GMT
Server
nginx/1.14.1
ETag
"5cf18bac-3670"
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13936
gpt.js
www.googletagservices.com/tag/js/
31 KB
10 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e43b7c2826b3e149f8247362d7f9316093f95dbde81865384b65c4d00d4616bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"185 / 361 of 1000 / last-modified: 1559232361"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10469
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
integrator.js
adservice.google.de/adsid/
109 B
481 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xn--gemin-xsa.site
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
481 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xn--gemin-xsa.site
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019053001.js
securepubads.g.doubleclick.net/gpt/
148 KB
54 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
sffe /
Resource Hash
8bd06a157f6234495a2a93e0ad4166ebe82bf9d69a20831eadd196aad3f152b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 May 2019 13:05:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55383
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
main_us.js
www.astrology-zodiac-signs.com/js/
174 KB
65 KB
Script
General
Full URL
https://www.astrology-zodiac-signs.com/js/main_us.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:2090:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
4c03402cbf9273c6d0c219e165bbe1996d658b696fbc404df32aaa525fcf2bc6

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Fri, 31 May 2019 07:41:09 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2019 23:18:06 GMT
server
nginx
age
260672
etag
W/"5cb11cae-2b8dc"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800,public
alt-svc
clear
content-length
66607
via
1.1 google
expires
Fri, 07 Jun 2019 07:41:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/
68 KB
20 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/libs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
2bcbed8ade63c6e0da313465ab20b2e2e5e5e020609551b4916431d121f46c5f

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 18:13:14 GMT
Content-Encoding
gzip
Server
Server
Age
49946
ETag
fd23b0793c72e73c94f81e99274c36bd
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
nnCoection
close
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
6xN8zy1pEx7RkCaMZTfueVHepisfKD77bL2ssICyWFn1s_2RmSqSLA==
Via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cookie_sync
prebid.adnxs.com/pbs/v1/
42 B
405 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 08:05:43 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://xn--gemin-xsa.site
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/
157 B
506 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
a990910f84447fa9713950185d511f59b23bad06d7a2c2ee18bae2d5a1200372

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 08:05:43 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://xn--gemin-xsa.site
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
157
Expires
0
prebid
ib.adnxs.com/ut/v3/
374 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5692bd521079e8cd4752b7507c79351940417cc52627458b29e1a280660123b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 08:05:43 GMT
X-Proxy-Origin
185.151.58.117; 185.151.58.117; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid
7d9f56cd-2522-4c2b-95cc-1b15f449fa13
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://xn--gemin-xsa.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
374
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/
3 KB
3 KB
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?t=350&s=189083&v=7.2&r=%7B%22id%22%3A%22255c090b094d1b5%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2226ff47764e2ca3b%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22189083%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22276531e98cff8aa%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22189084%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2228291c0366d5a3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22189085%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fxn--gemin-xsa.site%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.173.78 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-75-173-78.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5046dcaf74f9f5e6db4d94c11d0382d442550a4dbeb1c76ea884fbb20fda6df8

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Jun 2019 08:05:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://xn--gemin-xsa.site
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2248
Expires
Mon, 03 Jun 2019 08:05:41 GMT
bid
aax.amazon-adsystem.com/e/dtb/
47 B
347 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&pubid=c370f99a-5e1b-40be-ac08-d19c6c0c110d&u=https%3A%2F%2Fxn--gemin-xsa.site%2F&pid=4522673934881559549141257&cb=7115733603501559549141259&ws=1600x1200&v=7.31.02&t=3000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-2454798562068-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F108450905%2FAstrology-Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-2454798562068-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F108450905%2FAstrology-Mid%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-2469661347126-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F108450905%2FAstrology-Btm%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
3c9339e8a7c0410f05b2dba91767ad5eb393573d239bcde151ab14fbb70582df

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site

Response headers

Date
Mon, 03 Jun 2019 08:05:41 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://xn--gemin-xsa.site
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
47
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site

Response headers

Date
Mon, 03 Jun 2019 08:05:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Aug 2018 07:13:51 GMT
Server
AmazonS3
Vary
Accept-Encoding,Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=86400
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
T9xzYMuwOSWqOfBk8FkNOXgQbHA5GbavNB01HZx0ceyF_wwCN-0V9w==
Via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
ads
securepubads.g.doubleclick.net/gampad/
77 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1110756788541589&correlator=1760299105219339&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21063891%2C21062900&vrg=2019053001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190603&iu_parts=108450905%2CAstrology-Top%2CAstrology-Mid%2CAstrology-Btm&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C300x250%2C300x250&prev_scp=amznbid%3D1%26amznp%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D29da6c3e4708dd9%26hb_bidder%3Dix%7Camznbid%3D1%26amznp%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D304931ac7d78aa4%26hb_bidder%3Dix%7Camznbid%3D1%26amznp%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D31bbd5f451105fa%26hb_bidder%3Dix&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1559549141&dt=1559549141446&dlt=1559549141021&idt=248&frm=20&biw=1585&bih=1200&oid=3&adxs=429%2C1068%2C1053&adys=181%2C296%2C1223&adks=1850042491%2C755661642%2C2611758293&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fxn--gemin-xsa.site%2F&dssz=8&icsg=746&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x5001%7C300x250%7C330x280&msz=728x90%7C300x250%7C330x250&blev=1&bisch=1&ga_vid=1660943431.1559549141&ga_sid=1559549141&ga_hid=390880548&fws=4%2C4%2C4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
1167d81222c701cd763a06d28c037beb927a5748a6e267571faaf0f2abe7d11f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981547369342554937/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981547369342554937/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2c26TtzOICFdIGiwod4uMCog&gqi=&layout=/sadbundle/%24csp%253Der3%24/15981547369342554937/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981547369342554937/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15981547369342554937/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2c26TtzOICFdIGiwod4uMCog&gqi=&layout=/sadbundle/%24csp%253Der3%24/15981547369342554937/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
google-creative-id
138228629501,138228715624,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
23205
x-xss-protection
0
google-lineitem-id
4620231297,4620231297,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Mon, 03 Jun 2019 08:05:41 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://xn--gemin-xsa.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019053001.js
securepubads.g.doubleclick.net/gpt/
66 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019053001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
sffe /
Resource Hash
7afd1e931fc5bb2211f4f89e204c9e5d349e7bff9088ab84c97c3e5c50c6f8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 May 2019 13:05:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25250
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame BB06
0
273 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstazeObKNRcq2ayqHqZGC-eBShp09MGgs02hWNnd8oPHmNvievoTyj79DvgX8kVVgZC5LQV14HPZf9oJS_5ITKYg35nGanWeMx3K2XxYG8M_F4H2yB1UQ4ToAH6ZhXq4YHFTc_oKU8WTMr4KPmY1Ox57qArVGdUisuvjI5lv2A-9TfXp2C8M6ztHraBmCECUXzQtOWwOzDCJeaGJ2Q176npLWpUCDLQtli6imHc9NBayEcMQAgd70BdYkFNhXvi4llwfWElgqCNgws&sai=AMfl-YTd6F6AuBo4bzHLrxyAdRuGqD1d8NjEtWzlM_MDRc9ljQbpFz00b7zYlUgAttq8fqQsWibjBns7Y8FpQKJPxsE2s9clQDkpDgrhYlYCdQ&sig=Cg0ArKJSzPNbBxHEEkSxEAE&urlfix=1&adurl=
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jun 2019 08:05:41 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
ifnotify
a3214.casalemedia.com/ Frame BA31
0
0
Document
General
Full URL
https://a3214.casalemedia.com/ifnotify?gdprconsent=1&c=EF5CD3&r=E607D08F&t=5CF4D4D5&u=X0VNeVBCRlJxczBfSEtpcFEySTVKdnA3&m=153cec0fc0974b5fef542d494d787c17&wp=2&aid=4BCE65464771DE43&tid=106A0&s=2E29B&cp=0.02&n=xn--gemin-xsa.site&pr=xx&epr=255c090b094d1b5
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.80.38.183 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
a3214.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://xn--gemin-xsa.site/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=XPTU1blQJrcAAHMDIEUAAAA.; CMPS=3214; CMST=XPTU01z01NUB; CMDD=AALZVQE*

Response headers

Date
Mon, 03 Jun 2019 08:05:41 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
0
Keep-Alive
timeout=1, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
/
track.adform.net/adfscript/ Frame BB06
19 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=30543446;rtbwp=XPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA;rtbdata=VC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f27957dd51b2f45ea4b08c31a1821039cbbebc34df590e83fd7d9c9668efbcd

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9628
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BB06
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7bf5cc86c3864ac00f684f6b619c01d44070bfca139fe2e91f0677501d8ab568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1559301155462102"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28384
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
478c6b278b7bdaeb656033355ed843d2bcfcad523d27da9d2d2ad57561ea304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1559301155462102"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28172
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1A74
0
255 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssozW_pb_c_7b5Qdf86ojRQgHY5fzuLvbBE3_slagXNtFKztJj2WovbKflwoYdFNbjW9ut-RKWLYineFnuMV_4ddNdcaqdgD919eVETx58WDTF7C9z9_rmZNTaDk0YBiVuIk8opYQ_ZbSR6on7vvubHNn0PomqxgvF0d7nFZ0GTAPicI7w3LqFnmp65kxLzZEtH68GXXWd18QOhzjklvjqjhJF37GvAF_lZGkRmrhLMwizHttXdWXCZRY9IEr-IEyWYKvkjXTnX4k8&sai=AMfl-YQCANoWpBBhzTBQ15xssAY5NKORbTbDPR2w1hDE-sphcYwqFuWRp7M0Ju_Gt2M0nPJFi0r9rnUkP8i6xMmhCUeOApcGZK079arxL4wmpQ&sig=Cg0ArKJSzAVaxe1zm-RYEAE&urlfix=1&adurl=
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jun 2019 08:05:41 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
ifnotify
a3214.casalemedia.com/ Frame 77D3
0
0
Document
General
Full URL
https://a3214.casalemedia.com/ifnotify?gdprconsent=1&c=EF5998&r=E607D090&t=5CF4D4D5&u=X0VNeVBCRlJxczBfSEtpcFEySTVKdnA3&m=7ef5461c7f513d18efabf5650e89c052&wp=2&aid=4BCE6546477181A1&tid=106A0&s=2E29C&cp=0.02&n=xn--gemin-xsa.site&pr=xx&epr=255c090b094d1b5
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.80.38.183 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
a3214.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://xn--gemin-xsa.site/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=XPTU1blQJrcAAHMDIEUAAAA.; CMPS=3214; CMST=XPTU01z01NUB; CMDD=AALZVQE*

Response headers

Date
Mon, 03 Jun 2019 08:05:41 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
0
Keep-Alive
timeout=1, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
/
track.adform.net/adfscript/ Frame 1A74
19 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=30543443;rtbwp=XPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg;rtbdata=VC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
521f8778ebf5873485ae8be5855d4af2d3d5c6b4175282883613fb1c1c56f183

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9635
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 1A74
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7bf5cc86c3864ac00f684f6b619c01d44070bfca139fe2e91f0677501d8ab568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1559301155462102"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28384
x-xss-protection
0
expires
Mon, 03 Jun 2019 08:05:41 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame B1AD
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019053001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-33/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://xn--gemin-xsa.site/
accept-encoding
gzip, deflate, br

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3444
date
Sat, 01 Jun 2019 04:54:41 GMT
expires
Sun, 31 May 2020 04:54:41 GMT
last-modified
Tue, 16 Apr 2019 19:37:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
184260
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
bootstrap.js
s1.adform.net/stoat/617/s1.adform.net/ Frame BB06
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=30543446;rtbwp=XPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA;rtbdata=VC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
825df7aea3d3fa38e11ca1eb33c9fc5ca78ea7c0f52f5883f9815778b1c94a60

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 10:39:02 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Tue, 04 Jun 2019 11:50:22 GMT
bootstrap.js
s1.adform.net/stoat/617/s1.adform.net/ Frame 1A74
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=30543443;rtbwp=XPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg;rtbdata=VC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
825df7aea3d3fa38e11ca1eb33c9fc5ca78ea7c0f52f5883f9815778b1c94a60

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:41 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 10:39:02 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Tue, 04 Jun 2019 11:50:22 GMT
/
track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame BB06
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPB92rsB5bteEs34bACaigPyPBDjaY2ftckuyPB884akHGOg4BQgNENcHxVdik.uJtHoqvynx9MsFyxYM914Ve_clrJ5v2.2Zb97ShrxMw8bsHz3YMJ5tFFg4K1kl1BNlY6RjJNlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4._KpL9.J1pNc0Qpw.1ZC/adfserve/?CC=1&bn=30543446;rtbwp=XPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA;rtbdata=VC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41;js=1;adfxid=1x;1814;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|15&CREFURL=https%3A%2F%2Fxn--gemin-xsa.site%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
44fa5bc43ae74dfca90ed343ad099581c6390cf5f35674c609f2078170895995

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2361
expires
-1
/
track.adform.net/wpf/v2/cda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame 1A74
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/cda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPB92rsB5bteEs34bACaigPyPBDjaY2ftckuyPB884akHGOg4BQgNENcHxY4ik.uJtHoqvynx9MsFyxYM914Ve_clrISWV0mI_3Dqvyfy3nw8UXGfe2Rc7L1eWNNW5BNlYiMeBNlY0bAQk45BPQkYjSXu_XVA4.L9.gJ0Nc1lF4XV4L9.J1pNc0KAKXVPyPDI_XVPyPDI_XV8Lf4.90PgJ.huy.1Bi/adfserve/?CC=1&bn=30543443;rtbwp=XPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg;rtbdata=VC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41;js=1;adfxid=2x;490;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|15&CREFURL=https%3A%2F%2Fxn--gemin-xsa.site%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
89003e62805cf8f20b024c03004bb3e42481dd28316f3bedf5c668b1c89e3558

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2367
expires
-1
/
track.adform.net/jsmetrics/ Frame BB06
43 B
162 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?adfserve=30&asset=91&sid=276&rid=10436&cid=1775
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
last-modified
Tue, 22 May 2018 12:14:37 GMT
server
nginx
etag
"5b0409ad-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
truncated
/ Frame BB06
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f24fbc3ff605a4a639edafbdd6c4fe6a3ca16dbcde124a601cc8c80afcffea91

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1A74
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a297dd6383b1aaf06d8c7d3d5f22c6e6f2075d7e52cec08785e4f07f4bea64b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/617/s1.adform.net/load/v/0.0.172/e/.wSBgkE/i/8IG-4gAAABQAA/r:AdConstructor:contents/HTML:types/ Frame BB06
89 KB
38 KB
Script
General
Full URL
https://s1.adform.net/stoat/617/s1.adform.net/load/v/0.0.172/e/.wSBgkE/i/8IG-4gAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1e7866230d200cc5c2a64a830f187441cda2c759629b52587e03949fcc056993

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 10:39:02 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Tue, 04 Jun 2019 11:32:26 GMT
Standard
s1.adform.net/stoat/617/s1.adform.net/load/v/0.0.172/e/.wSBgkE/i/8IG-4gAAABQAA/r:AdConstructor:contents/HTML:types/ Frame 1A74
89 KB
38 KB
Script
General
Full URL
https://s1.adform.net/stoat/617/s1.adform.net/load/v/0.0.172/e/.wSBgkE/i/8IG-4gAAABQAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1e7866230d200cc5c2a64a830f187441cda2c759629b52587e03949fcc056993

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 10:39:02 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Tue, 04 Jun 2019 11:32:26 GMT
/
track.adform.net/csimpr/ Frame BB06
35 B
425 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=30543446&csi=qEBchesqla-RV-rcJrOoMbAWDmChZ_OhPwyfq66KoU9T-NEGxBjYKNj0aXS3Kw1ZdHWPXnTm1VxNk1rkVuRD5ohdc6DsgMJbHuGEXLVbm4-HMY-LLFZOEw2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:42 GMT
server
nginx
access-control-allow-origin
https://xn--gemin-xsa.site
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
6589398.js
s1.adform.net/Banners/Elements/Files/36063/6589398/ Frame 9D1E
3 KB
1 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/36063/6589398/6589398.js?ADFassetID=6589398&bv=257
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1a69ad8e98d04ca935df4128ac79a7b0bcf19eb968ed30bd5c9deeb317d9db12
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2019 11:22:29 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5ce7d3f5-a2c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript
/
track.adform.net/csimpr/ Frame 1A74
35 B
425 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=30543443&csi=KBOGSLAXifxp43Bimfzu_9PKrdoJEMrv4UBFn-mw3cFT-NEGxBjYKNj0aXS3Kw1ZdHWPXnTm1VxNk1rkVuRD5ohdc6DsgMJbHuGEXLVbm4-HMY-LLFZOEw2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:42 GMT
server
nginx
access-control-allow-origin
https://xn--gemin-xsa.site
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
6589392.js
s1.adform.net/Banners/Elements/Files/36063/6589392/ Frame 8152
3 KB
1 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/36063/6589392/6589392.js?ADFassetID=6589392&bv=257
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c79248bdad8cf0ea1c7817536f4abbdafb403cb9a74aa0893ff0a20d2c4fea2b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2019 11:22:11 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5ce7d3e3-a2c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 9D1E
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
13 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
last-modified
Thu, 10 Jan 2019 11:50:18 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c37317a-7694"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

status
302
date
Mon, 03 Jun 2019 08:05:42 GMT
server
nginx
location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
content-type
text/html
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 8152
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
13 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
gzip
last-modified
Thu, 10 Jan 2019 11:50:18 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c37317a-7694"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

status
302
date
Mon, 03 Jun 2019 08:05:42 GMT
server
nginx
location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
content-type
text/html
5ce7d3f4a4a4a06e408731a4
cdn.bannerflow.com/bf-placements/ Frame 9D1E
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5ce7d3f4a4a4a06e408731a4?responsive=on&targetwindow=_blank&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D&targetwindow=_blank
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbf5686f7ccee100fc0a18ef1cf36dd9f231996d4f226a075a87061f14c7991

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
pUVFmlj1w+b+SsvM7efrcw==
age
264
status
200
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2019 11:22:28 GMT
server
cloudflare
etag
W/"0x8D6E03A1AF83F4F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
07011b3b-501e-0086-4e2b-129561000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
4e1029db78abbedd-FRA
cf-bgj
minify
5ce7d3e1a4a4a06e4087319e
cdn.bannerflow.com/bf-placements/ Frame 8152
5 KB
2 KB
Script
General
Full URL
https://cdn.bannerflow.com/bf-placements/5ce7d3e1a4a4a06e4087319e?responsive=on&targetwindow=_blank&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D&targetwindow=_blank
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dd0da271527c57180dcf30a4b2aaad6261269c41ccb8f12140915c93705367

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1KDZKFXdg3Tl/2rGfOCqWQ==
age
162
status
200
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2019 11:22:09 GMT
server
cloudflare
etag
W/"0x8D6E03A0FB6E061"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bdb9c861-901e-0031-232a-129a64000000
cache-control
public,max-age=900
x-ms-version
2014-02-14
cf-ray
4e1029db78acbedd-FRA
cf-bgj
minify
render.min.js
cdn.bannerflow.com/scripts/1.4.36/ Frame 8152
26 KB
9 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5ce7d3e1a4a4a06e4087319e?responsive=on&targetwindow=_blank&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D&targetwindow=_blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
381f61665ae95de4109c2a3e13b930eeb03f533c2eae56628bce70f54b991985

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Zr1+J+Kaksm31+1ZAyyl/w==
age
0
status
200
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 14 Jan 2019 13:49:23 GMT
server
cloudflare
etag
W/"0x8D67A27178A08AB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f553b5d-501e-000e-50ed-c02db8000000
x-ms-version
2014-02-14
cf-ray
4e1029dba8dcbedd-FRA
render.min.js
cdn.bannerflow.com/scripts/1.4.36/ Frame 9D1E
26 KB
9 KB
Script
General
Full URL
https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/5ce7d3f4a4a4a06e408731a4?responsive=on&targetwindow=_blank&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D&targetwindow=_blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
381f61665ae95de4109c2a3e13b930eeb03f533c2eae56628bce70f54b991985

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jun 2019 08:05:42 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Zr1+J+Kaksm31+1ZAyyl/w==
age
0
status
200
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 14 Jan 2019 13:49:23 GMT
server
cloudflare
etag
W/"0x8D67A27178A08AB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f553b5d-501e-000e-50ed-c02db8000000
x-ms-version
2014-02-14
cf-ray
4e1029dba8e6bedd-FRA
5cc04a0f49d4c7187426f973.1zT1uvSvaLSn.html
cdn.bannerflow.com/bf-banners/ Frame 10D3
0
0
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5cc04a0f49d4c7187426f973.1zT1uvSvaLSn.html?cb=636942890497006676&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3e1a4a4a06e4087319e%2522%252C%2522ad%2522%253A%25225cc04a0f49d4c7187426f974%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a0f49d4c7187426f973%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a0f49d4c7187426f973%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5cc04a0f49d4c7187426f973.1zT1uvSvaLSn.html?cb=636942890497006676&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3e1a4a4a06e4087319e%2522%252C%2522ad%2522%253A%25225cc04a0f49d4c7187426f974%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a0f49d4c7187426f973%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a0f49d4c7187426f973%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://xn--gemin-xsa.site/
accept-encoding
gzip, deflate, br
cookie
__cfduid=dec21b592eef0c438edf9890e4589271b1559549142

Response headers

status
200
date
Mon, 03 Jun 2019 08:05:42 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
t26ixydFCENUzpKHGMgmmw==
last-modified
Fri, 24 May 2019 10:04:09 GMT
x-ms-request-id
0c1253f4-d01e-00d3-3d19-127e16000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
HIT
age
413
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e1029dbe91ebedd-FRA
content-encoding
br
5cc04a0f49d4c7187426f973.html
cdn.bannerflow.com/bf-banners/ Frame 4BB4
0
0
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5cc04a0f49d4c7187426f973.html?cb=636942890483683649&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3e1a4a4a06e4087319e%2522%252C%2522ad%2522%253A%25225cc04a0f49d4c7187426f974%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a0f49d4c7187426f973%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a0f49d4c7187426f973%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5cc04a0f49d4c7187426f973.html?cb=636942890483683649&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3e1a4a4a06e4087319e%2522%252C%2522ad%2522%253A%25225cc04a0f49d4c7187426f974%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a0f49d4c7187426f973%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a0f49d4c7187426f973%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543443%3Bcrtbwp%3DXPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DMsGVN4GBiYSEZ2tzv8I5ltwcxw2YETE3XlmxjhmI3OsS4vn_y8Ec4VeN2D-ZK_yVc7bNA6WyavLRjTYjPfIOvYKRnFDV_vILsZbYGFZvI2xNBAXGUYRdwuHUbI103QvB4UFuhV40q881%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://xn--gemin-xsa.site/
accept-encoding
gzip, deflate, br
cookie
__cfduid=dec21b592eef0c438edf9890e4589271b1559549142

Response headers

status
200
date
Mon, 03 Jun 2019 08:05:42 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
hGxE47J7vDs1FvdK1zETYw==
last-modified
Fri, 24 May 2019 10:04:08 GMT
x-ms-request-id
bd77abda-901e-0031-2119-129a64000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
HIT
age
397
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e1029dbe924bedd-FRA
content-encoding
br
pixel
56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com/api/tr/v1/ Frame 8152
43 B
190 B
XHR
General
Full URL
https://56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0000%22%2C%22r%22%3A%22https%3A%2F%2Fxn--gemin-xsa.site%2F%22%2C%22s%22%3A%221559549142374_16984%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.4.36%22%2C%22a%22%3A%22gaming-innovation-group%22%2C%22br%22%3A%2256c19c11bd6f4d0ca4945fb3%22%2C%22c%22%3A%225cc04a0849d4c7187426f928%22%2C%22ad%22%3A%225cc04a0f49d4c7187426f974%22%2C%22p%22%3A%225ce7d3e1a4a4a06e4087319e%22%2C%22b%22%3A%225cc04a0f49d4c7187426f973%22%2C%22pl%22%3A1%2C%22r%22%3A1%2C%22an%22%3A1%2C%22s%22%3A%2256c19c11bd6f4d0ca4945fbd%22%2C%22t%22%3A%225cc04a0849d4c7187426f941%22%2C%22l%22%3A%2256c19c10bd6f4d0ca4945fb2%22%2C%22bf%22%3A%225cc04a0f49d4c7187426f969%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1559549142374%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.155.168 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site

Response headers

status
200
date
Mon, 03 Jun 2019 08:05:41 GMT
cache-control
no-store, must-revalidate, no-cache
server
Kestrel
access-control-allow-origin
*
content-length
43
content-type
image/gif
5cc04a1149d4c7187426f9ce.LubbWyDWO9Lr.html
cdn.bannerflow.com/bf-banners/ Frame 09D7
0
0
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5cc04a1149d4c7187426f9ce.LubbWyDWO9Lr.html?cb=636942890515498875&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3f4a4a4a06e408731a4%2522%252C%2522ad%2522%253A%25225cc04a1149d4c7187426f9cf%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a1149d4c7187426f9ce%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a1149d4c7187426f9ce%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5cc04a1149d4c7187426f9ce.LubbWyDWO9Lr.html?cb=636942890515498875&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3f4a4a4a06e408731a4%2522%252C%2522ad%2522%253A%25225cc04a1149d4c7187426f9cf%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a1149d4c7187426f9ce%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a1149d4c7187426f9ce%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://xn--gemin-xsa.site/
accept-encoding
gzip, deflate, br
cookie
__cfduid=dec21b592eef0c438edf9890e4589271b1559549142

Response headers

status
200
date
Mon, 03 Jun 2019 08:05:42 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
YMJyKj1GxrSvKOAj2PL7KQ==
last-modified
Fri, 24 May 2019 10:04:11 GMT
x-ms-request-id
d4e1ee78-701e-011d-1218-125e0c000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
HIT
age
578
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e1029dbf932bedd-FRA
content-encoding
br
5cc04a1149d4c7187426f9ce.html
cdn.bannerflow.com/bf-banners/ Frame 1055
0
0
Document
General
Full URL
https://cdn.bannerflow.com/bf-banners/5cc04a1149d4c7187426f9ce.html?cb=636942890495185037&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3f4a4a4a06e408731a4%2522%252C%2522ad%2522%253A%25225cc04a1149d4c7187426f9cf%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a1149d4c7187426f9ce%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a1149d4c7187426f9ce%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aabc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.bannerflow.com
:scheme
https
:path
/bf-banners/5cc04a1149d4c7187426f9ce.html?cb=636942890495185037&clickpixel=%2F%2F56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522gaming-innovation-group%2522%252C%2522brand%2522%253A%252256c19c11bd6f4d0ca4945fb3%2522%252C%2522placement%2522%253A%25225ce7d3f4a4a4a06e408731a4%2522%252C%2522ad%2522%253A%25225cc04a1149d4c7187426f9cf%2522%252C%2522bannerset%2522%253A%25225cc04a0849d4c7187426f928%2522%252C%2522banner%2522%253A%25225cc04a1149d4c7187426f9ce%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25225cc04a1149d4c7187426f9ce%2522%257D&targeturl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D30543446%3Bcrtbwp%3DXPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA%3Bcrtbdata%3DVC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41%3Badfibeg%3D0%3Bcdata%3DT0vjIyBgGHeEZ2tzv8I5ltwcxw2YETE38C0_ontejQQTRIl_ZaUCh7-C6YrdO1m7HSCzovx2jth5LvvuDFOwzJgNtQgSpZgN_RNgG1_TJ2xNj_jBpu31d9CRgsspTeQrQeEimShqzcc1%3B%3BCREFURL%3Dhttps%253a%252f%252fxn--gemin-xsa.site%252f%3BC%3D1%3Bcpdir%3D%5Btarget_url_esc%5D&targetwindow=_blank&ref=https%3A%2F%2Fxn--gemin-xsa.site%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://xn--gemin-xsa.site/
accept-encoding
gzip, deflate, br
cookie
__cfduid=dec21b592eef0c438edf9890e4589271b1559549142

Response headers

status
200
date
Mon, 03 Jun 2019 08:05:42 GMT
content-type
text/html
cache-control
public,max-age=900
content-md5
/c01G7pVKJMkh0vk/bareg==
last-modified
Fri, 24 May 2019 10:04:09 GMT
x-ms-request-id
55609eb5-501e-0101-4f18-12861b000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
cf-cache-status
HIT
age
484
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e1029dc094ebedd-FRA
content-encoding
br
pixel
56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com/api/tr/v1/ Frame 9D1E
0
0
XHR
General
Full URL
https://56c19c11bd6f4d0ca4945fb3.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0000%22%2C%22r%22%3A%22https%3A%2F%2Fxn--gemin-xsa.site%2F%22%2C%22s%22%3A%221559549142388_30794%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.4.36%22%2C%22a%22%3A%22gaming-innovation-group%22%2C%22br%22%3A%2256c19c11bd6f4d0ca4945fb3%22%2C%22c%22%3A%225cc04a0849d4c7187426f928%22%2C%22ad%22%3A%225cc04a1149d4c7187426f9cf%22%2C%22p%22%3A%225ce7d3f4a4a4a06e408731a4%22%2C%22b%22%3A%225cc04a1149d4c7187426f9ce%22%2C%22pl%22%3A1%2C%22r%22%3A1%2C%22an%22%3A1%2C%22s%22%3A%2256c19c11bd6f4d0ca4945fc4%22%2C%22t%22%3A%225cc04a0849d4c7187426f941%22%2C%22l%22%3A%2256c19c10bd6f4d0ca4945fb2%22%2C%22bf%22%3A%225cc04a1149d4c7187426f9c4%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1559549142388%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by
Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/scripts/1.4.36/render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.155.168 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site

Response headers

status
200
date
Mon, 03 Jun 2019 08:05:41 GMT
cache-control
no-store, must-revalidate, no-cache
server
Kestrel
access-control-allow-origin
*
content-length
43
content-type
image/gif
register.php10-19-0.js
xn--gemin-xsa.site/register/
0
0
Script
General
Full URL
https://xn--gemin-xsa.site/register/register.php10-19-0.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/libs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
51.77.42.125 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3145634.ip-51-77-42.eu
Software
nginx/1.14.1 /
Resource Hash

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 08:05:42 GMT
Server
nginx/1.14.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
func7_0.js
www.astrology-zodiac-signs.com/js/
17 KB
4 KB
Script
General
Full URL
https://www.astrology-zodiac-signs.com/js/func7_0.js
Requested by
Host: xn--gemin-xsa.site
URL: https://xn--gemin-xsa.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:2090:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
c88dd97cbde454dd6140a48aca5426b655ba2ac3094d14d817f3681d1c3a5ec2

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Sat, 01 Jun 2019 18:34:11 GMT
content-encoding
gzip
last-modified
Sun, 06 Jan 2019 13:30:05 GMT
server
nginx
age
135091
etag
W/"5c3202dd-424e"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800,public
alt-svc
clear
content-length
4468
via
1.1 google
expires
Sat, 08 Jun 2019 18:34:11 GMT
flags.png
www.astrology-zodiac-signs.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.astrology-zodiac-signs.com/images/flags.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:2090:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
7bf4025f1f677a478259f5a114dadea870b7374f42f6c0ff2c121618a7f57995

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Fri, 31 May 2019 20:30:18 GMT
via
1.1 google
last-modified
Thu, 01 Feb 2018 19:49:12 GMT
server
nginx
age
214524
etag
"5a736f38-f80"
content-type
image/png
status
200
cache-control
max-age=31536000,public
accept-ranges
bytes
alt-svc
clear
content-length
3968
expires
Sat, 30 May 2020 20:30:18 GMT
flags.png
www.astrology-zodiac-signs.com/images_n/
6 KB
6 KB
Image
General
Full URL
https://www.astrology-zodiac-signs.com/images_n/flags.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:2090:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fea71acd6cd0daadd5f1be57b8a2a7a76916ce9d9ac998ddcf8e5a5a2d873278

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Fri, 31 May 2019 07:15:00 GMT
via
1.1 google
last-modified
Fri, 06 Apr 2018 03:30:06 GMT
server
nginx
age
262242
etag
"5ac6e9be-1612"
content-type
image/png
status
200
cache-control
max-age=31536000,public
accept-ranges
bytes
alt-svc
clear
content-length
5650
expires
Sat, 30 May 2020 07:15:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BB06
42 B
425 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhLCdp0r8LRAs6IlzZu7VOzGYLOlKpJ45lAQOoCPoxoIvKisx865GCBDRVg9R3vny7Stcqj6vzW-mqcDsOcT7hTi9vys7EIJVZNOOuIfM&sig=Cg0ArKJSzBtf-10HR50NEAE&adk=1850042491&tt=1232&bs=1585%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=181,429,271,1157&mcvt=1016&rs=3&ht=0&tfs=239&tls=1255&mc=1&lte=1&bas=0&bac=0&avms=geo&md=2&rst=1559549141791&rpt=297&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C5157&ss=1600%2C1200&pt=25&deb=1-3-3-10-14-26-56-12&tvt=1246&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:43 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A74
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCUpNiGNzyiLf58oBtzXmkw5oohKyHcmWlLOpp8fMlILnVlAiq5BLm7weTFRIjRJqJu9u3S5TcG20yfpqKmImz_skO0hFOkI4iTb6ThbM&sig=Cg0ArKJSzPxr5OgvotirEAE&adk=755661642&tt=1232&bs=1585%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=296,1068,546,1368&mcvt=1016&rs=3&ht=0&tfs=239&tls=1255&mc=1&lte=1&bas=0&bac=0&avms=geo&md=2&rst=1559549141808&rpt=279&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C5157&ss=1600%2C1200&pt=25&deb=1-3-3-10-14-26-56-12&tvt=1246&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:43 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame BB06
35 B
416 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-7700192280247116775@@30543446,4697690696713461713,100|1200|0|0|0|0|0|0|0||41|0|1538|4BCE65464771DE43_1|||1|0|0|MPxSSu9EFF7lwqRTa6Sfc3HwfRGDuAsveTDdBwfvRYyAZf90mgoh7xqQZdOHxKMGgVD8ayoMvpI1|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:44 GMT
server
nginx
access-control-allow-origin
https://xn--gemin-xsa.site
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame BB06
35 B
248 B
Image
General
Full URL
https://track.adform.net/Serving/Event/?bn=30543446&event=178&time=2&banner=32488758&name=Viewable%20impressions&imprid=4697690696713461713&icid=-7700192280247116775&eData=qEBchesqla8F_72kIaIEwjAp3kZrupdm5d03rGn-vMaQEzwhebkkzicZ_L3CSF07oHqyRS__czZMJ9bfWL0xvQ2&rnd=119116794&rtbwp=XPTU1QAAAAA1T5aBy6i-qZ0leWp7WI2fG9GSoA&rtbdata=VC-aFhdiFGv5VTUyIDeVNTL6qAWWvStznjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQ6-X5oXDg1Rq0ObeiGlO28ZVK434Y_fdBnXjiIdcB8q3211ohne5-5SKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:44 GMT
server
nginx
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
track.adform.net/serving/unload/ Frame 1A74
35 B
416 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-7700192280247116580@@30543443,3101992005429060902,100|1200|0|0|0|0|0|0|0||47|0|1538|4BCE6546477181A1_1|||1|0|0|2HdKb3acnvblwqRTa6Sfc3HwfRGDuAsveTDdBwfvRYyAZf90mgoh7xqQZdOHxKMGgVD8ayoMvpI1|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:44 GMT
server
nginx
access-control-allow-origin
https://xn--gemin-xsa.site
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 1A74
35 B
248 B
Image
General
Full URL
https://track.adform.net/Serving/Event/?bn=30543443&event=178&time=2&banner=32488752&name=Viewable%20impressions&imprid=3101992005429060902&icid=-7700192280247116580&eData=KBOGSLAXifxldx7Pbki_cTAp3kZrupdm5d03rGn-vMaQEzwhebkkzicZ_L3CSF07oHqyRS__czZMJ9bfWL0xvQ2&rnd=548090459&rtbwp=XPTU1QAAAACKSPYZwnQS2w-bCJeRvYHPZYGSDg&rtbdata=VC-aFhdiFGv5VTUyIDeVNXUl4zaWIGllnjySi_tRYIkFuVTdAbTA85OjXh004ARWxtW-6N5SrBwp8vKdaTYD1CK2VQxnACeJ3BzHDZgRMTfvyf1zHsVaNqBBnjOumaHQk0tt4EUZQOe0ObeiGlO28e-g36fmOTCHWbNXJK4A1pFjOmcboBUXESKjldQXizMbArnyfoueSQJUUkjN0ek6CkWLg8AcERWAj8Gw89MX6L41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:44 GMT
server
nginx
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
track.adform.net/serving/unload/ Frame 1A74
35 B
425 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-7700192280247116580@@30543446,4697690696713461713,100|4600|0|0|0|0|0|0|0||158|0|1538|4BCE65464771DE43_1|||1|0|0|MPxSSu9EFF7lwqRTa6Sfc3HwfRGDuAsveTDdBwfvRYyAZf90mgoh7xqQZdOHxKMGgVD8ayoMvpI1|||01|0@@30543443,3101992005429060902,100|4599|0|0|0|0|0|0|0||181|0|1538|4BCE6546477181A1_1|||1|0|0|2HdKb3acnvblwqRTa6Sfc3HwfRGDuAsveTDdBwfvRYyAZf90mgoh7xqQZdOHxKMGgVD8ayoMvpI1|||01|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/617/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://xn--gemin-xsa.site/
Origin
https://xn--gemin-xsa.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 08:05:47 GMT
server
nginx
access-control-allow-origin
https://xn--gemin-xsa.site
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
usync.html
eus.rubiconproject.com/ Frame E104
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://xn--gemin-xsa.site/
Accept-Encoding
gzip, deflate, br

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 30 May 2019 17:53:28 GMT
Content-Encoding
gzip
Content-Length
7539
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=61682
Expires
Tue, 04 Jun 2019 01:13:49 GMT
Date
Mon, 03 Jun 2019 08:05:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame C16E
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.37.108 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://xn--gemin-xsa.site/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Mon, 03 Jun 2019 08:05:47 GMT
Age
26000631
Connection
keep-alive
X-Served-By
cache-jfk8144-JFK, cache-ams21036-AMS
X-Cache
HIT, HIT
X-Cache-Hits
2350486, 9454502
X-Timer
S1559549148.531562,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0CB2
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?cc=1
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://xn--gemin-xsa.site/
accept-encoding
gzip, deflate, br
cookie
i=73f7ff11-167a-447f-b8c3-b10b0c099343|1559549147

Response headers

status
200
vary
Accept
set-cookie
i=73f7ff11-167a-447f-b8c3-b10b0c099343|1559549147; Version=1; Expires=Tue, 02-Jun-2020 08:05:47 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1559549147|mOgikimWiygu; Version=1; Expires=Tue, 18-Jun-2019 08:05:47 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 03 Jun 2019 08:05:47 GMT
content-type
text/html
content-encoding
gzip

Redirect headers

status
302
set-cookie
i=73f7ff11-167a-447f-b8c3-b10b0c099343|1559549147; Version=1; Expires=Tue, 02-Jun-2020 08:05:47 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1
date
Mon, 03 Jun 2019 08:05:47 GMT
content-length
0
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6351
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: www.astrology-zodiac-signs.com
URL: https://www.astrology-zodiac-signs.com/js/main_us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.37.108 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://xn--gemin-xsa.site/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Mon, 03 Jun 2019 08:05:47 GMT
Age
26000631
Connection
keep-alive
X-Served-By
cache-jfk8144-JFK, cache-ams21050-AMS
X-Cache
HIT, HIT
X-Cache-Hits
2350486, 7933932
X-Timer
S1559549148.535231,VS0,VE0
Vary
Accept-Encoding

Verdicts & Comments

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask number| vv2 object| googletag object| pbjs function| loadScript function| ddss function| ga object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| iAdsMediaV object| AdSlots object| adunitstoref object| adunitslotref object| iAdsMedia number| bidtt number| sidtt number| GlobalTime number| BrowserWidth number| BrowserHeight function| initAdserver object| adUnits function| A9refreshBids function| refreshBidz function| CheckAds function| runafteraction object| apstag function| pbjsChunk object| __core-js_shared__ number| ActionStart undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| ActionEnd number| google_unique_id object| google_reactive_ads_global_state object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| __adform_onload object| Adform function| ADFReload function| ADFCall function| ADFcall object| lazyLoadOptions function| zodiacbirthday function| readhoroscope function| scrollToTop object| elements function| toggle_visibility function| changeMenu function| compaselec object| sktmz function| returnadblock function| onLoad function| addTopSelecter function| attachTopSelecterListeners function| addBottomNav function| attachBottomNavListeners

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
