sdxfg.ga Open in urlscan Pro
80.211.246.161 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sdxfg.ga/io/Ourtime/ourtime.html
Submission: On March 13 via automatic, source phishtank (March 13th 2018, 4:04:19 am UTC)

Summary HTTP 55 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 55 HTTP transactions. The main IP is 80.211.246.161, located in Arezzo, Italy and belongs to ARUBA, PL. The main domain is sdxfg.ga.

This is the only time sdxfg.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ourtime.com (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	80.211.246.161 80.211.246.161	205727 (ARUBA) (ARUBA)
13	2.18.232.235 2.18.232.235	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	172.217.22.106 172.217.22.106	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.230.45.71 54.230.45.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 5	173.241.240.148 173.241.240.148	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2	172.217.22.99 172.217.22.99	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.94.220.16 52.94.220.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.110 172.217.22.110	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.111.9.30 23.111.9.30	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
2	23.111.11.222 23.111.11.222	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
4	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.201.79.55 34.201.79.55	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2	216.58.208.33 216.58.208.33	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.108.38.156 104.108.38.156	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	62.67.193.96 62.67.193.96	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	62.67.193.63 62.67.193.63	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	208.83.240.87 208.83.240.87	19071 (MATCHCOM) (MATCHCOM - Match.com)
55	20

1 80.211.246.161 (Arezzo, Italy)

ASN205727 (ARUBA, PL)
PTR: host161-246-211-80.static.arubacloud.pl

sdxfg.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.232.235 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)

pmi.peoplemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.106 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f106.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.45.71 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-45-71.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.241.240.148 (New York, United States) 2 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-148.xa.dc.openx.org

ox-d.match.servedbyopenx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.99 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.220.16 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.110 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f110.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.30 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

asset.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.11.222 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

asset.pagefair.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.201.79.55 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-201-79-55.compute-1.amazonaws.com

stats.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.33 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.38.156 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-38-156.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.96 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.63 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.83.240.87 (Dallas, United States)

ASN19071 (MATCHCOM - Match.com, L.L.C., US)

appd-eum.match.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	peoplemedia.com pmi.peoplemedia.com	154 KB
8	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	169 KB
5	servedbyopenx.com 2 redirects ox-d.match.servedbyopenx.com	59 KB
4	doubleclick.net securepubads.g.doubleclick.net	81 KB
4	pagefair.com asset.pagefair.com stats.pagefair.com	7 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com	10 KB
2	openx.net 1 redirects u.openx.net	792 B
2	google.com adservice.google.com	783 B
2	google.de adservice.google.de	783 B
2	pagefair.net asset.pagefair.net	1 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	amazon-adsystem.com c.amazon-adsystem.com aax.amazon-adsystem.com	5 KB
1	match.com appd-eum.match.com	322 B
1	moatads.com z.moatads.com	75 KB
1	google-analytics.com www.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	6 KB
1	sdxfg.ga sdxfg.ga	14 KB
55	18

	Domain	Requested by
13	pmi.peoplemedia.com	sdxfg.ga pmi.peoplemedia.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net optimized-by.rubiconproject.com pagead2.googlesyndication.com
5	ox-d.match.servedbyopenx.com	2 redirects sdxfg.ga
4	securepubads.g.doubleclick.net	www.googletagservices.com pmi.peoplemedia.com securepubads.g.doubleclick.net sdxfg.ga
4	fonts.googleapis.com	sdxfg.ga
3	asset.pagefair.com	sdxfg.ga asset.pagefair.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	u.openx.net	1 redirects
2	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
2	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
2	asset.pagefair.net	sdxfg.ga
2	fonts.gstatic.com	pmi.peoplemedia.com sdxfg.ga
1	appd-eum.match.com	pmi.peoplemedia.com
1	beacon-eu2.rubiconproject.com	sdxfg.ga
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	z.moatads.com	securepubads.g.doubleclick.net
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	stats.pagefair.com	pmi.peoplemedia.com
1	www.google-analytics.com	sdxfg.ga
1	www.googletagservices.com	sdxfg.ga
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	c.amazon-adsystem.com	sdxfg.ga
1	sdxfg.ga
55	23

This site contains links to these domains. Also see Links.

Domain
www.peoplemedia.com
www.ourtime.com
www.match.com
www.matchmediagroup.com
www.chemistry.com
www.blackpeoplemeet.com
www.bbpeoplemeet.com

Subject Issuer	Validity	Valid

This page contains 3 frames:

Primary Page: http://sdxfg.ga/io/Ourtime/ourtime.html
Frame ID: 8478AE8D62B75A586E434E076B37DE6E
Requests: 42 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/4612.js
Frame ID: BDFB4559AB34F1165D0C94E464CF0BCC
Requests: 11 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180307/r20170110/show_ads_impl.js
Frame ID: 3B89C88CA96C0FCAD0620F486B47990F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i
script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

55
Requests

0 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

20
IPs

6
Countries

623 kB
Transfer

1782 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.peoplemedia.com/
Title: A People Media Site

Search URL Search Domain Scan URL

URL: https://www.ourtime.com/?notrack
Title: home

Search URL Search Domain Scan URL

URL: https://www.ourtime.com/v3/billing/
Title: billing

Search URL Search Domain Scan URL

URL: http://www.match.com/cp/careers/CurrentOpenings.html
Title: careers

Search URL Search Domain Scan URL

URL: http://www.matchmediagroup.com/
Title: advertise with us

Search URL Search Domain Scan URL

URL: http://www.match.com/
Title: Match.com

Search URL Search Domain Scan URL

URL: http://www.chemistry.com/
Title: Chemistry.com

Search URL Search Domain Scan URL

URL: https://www.blackpeoplemeet.com/?notrack
Title: Black Singles

Search URL Search Domain Scan URL

URL: https://www.bbpeoplemeet.com/?notrack
Title: Big and Beautiful

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 32

http://ox-d.match.servedbyopenx.com/w/1.0/acj?ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=223%2C315&c.gender=f&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1 HTTP 302
http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=223%2C315&c.gender=f&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1

Request Chain 34

http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=223%2C315&c.gender=f&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1 HTTP 302
http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1

Request Chain 35

http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1 HTTP 302
http://u.openx.net/w/1.0/sc?cc=1&r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ourtime.html Show response
sdxfg.ga/io/Ourtime/ 14 KB
14 KB 50ms
25ms Document
text/html 80.211.246.161
ARUBA

General

Check archive.org

Show headers Download Go to

Full URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 80.211.246.161 Arezzo, Italy, ASN205727 (ARUBA, PL),
Reverse DNS: host161-246-211-80.static.arubacloud.pl
Software: Apache /
Resource Hash: fff2adeb01489d2244dc132d00f886bf779b3c5be7b31ff2a9762e847e3d566a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sdxfg.ga
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:07 GMT
Last-Modified: Fri, 21 Jul 2017 00:54:12 GMT
Server: Apache
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13847

GET
H/1.1 200
OK adrum.js Show response
pmi.peoplemedia.com/pmicontent/appd/ 37 KB
12 KB 144ms
118ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/appd/adrum.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8a5a9a6139ec201e3cfe3a01f1d3fe20ba83bd2a95397d5d5b9c974ad2f5d031

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:14 GMT
Server: Microsoft-IIS/8.5
ETag: "c9355c5e60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12375

GET
S 200 css
fonts.googleapis.com/ 1 KB
560 B 20ms
18ms Stylesheet
text/css 172.217.22.106
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f106.1e100.net

Software

ESF /

Resource Hash

6fd8d79dbc9c61829d8dfbb70e1eaddbcfd88c4f891150e48d7cf582910153fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
last-modified: Tue, 13 Mar 2018 04:04:08 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 04:04:08 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
528 B 20ms
19ms Stylesheet
text/css 172.217.22.106
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:700

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f106.1e100.net

Software

ESF /

Resource Hash

68145136ca159c789a19c2da9c45a4666eac968074c3a86d2b9023d089493716

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
last-modified: Tue, 13 Mar 2018 04:04:08 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 04:04:08 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
525 B 21ms
19ms Stylesheet
text/css 172.217.22.106
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400italic

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f106.1e100.net

Software

ESF /

Resource Hash

ce8b2b5bd33eb86ca274ea60cc51f0f2eec21a78b38fdf082849e43c427f42b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
last-modified: Tue, 13 Mar 2018 04:04:08 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 04:04:08 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
527 B 21ms
19ms Stylesheet
text/css 172.217.22.106
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:700italic

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f106.1e100.net

Software

ESF /

Resource Hash

66a44a1d8000f828bd687fd72a52a8952e4958c78c40c2831ca224474be628dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
last-modified: Tue, 13 Mar 2018 04:04:08 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 04:04:08 GMT

GET
H/1.1 200
OK base_external.css
pmi.peoplemedia.com/pmicontent/styles/ 31 KB
5 KB 32ms
7ms Stylesheet
text/css 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/styles/base_external.css

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1c4166837ed5a8db25fc85a4fda3052f3aa486906e89401b1d7c8a21946c11c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "b2ef775f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4674

GET
H/1.1 200
OK theme.css
pmi.peoplemedia.com/pmicontent/166/ 37 KB
8 KB 142ms
117ms Stylesheet
text/css 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/166/theme.css

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

5739a1525362be4c864dd6dedfcdbd7344fa0867543884b1fc37f62d122976c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:10 GMT
Server: Microsoft-IIS/8.5
ETag: "abfd1f5c60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7517

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
pmi.peoplemedia.com/pmicontent/scripts/jquery/ 94 KB
33 KB 31ms
6ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/scripts/jquery/jquery-1.11.1.min.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "a6666e5f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33276

GET
H/1.1 200
OK lib.json2.min.js Show response
pmi.peoplemedia.com/pmicontent/scripts/ 3 KB
2 KB 30ms
5ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/scripts/lib.json2.min.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

bfcfa4f55447b8f8cd5a9a5f960e6be9d28691f08d0e0659b969222ce19cc63c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "548d755f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1417

GET
H/1.1 200
OK jquery-ui-1.11.2.min.js Show response
pmi.peoplemedia.com/pmicontent/scripts/jquery/ 234 KB
63 KB 31ms
6ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/scripts/jquery/jquery-ui-1.11.2.min.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0beb05bc319cf0a3e605fd380575f62ce90ebf05b056481647e755ef3e67e2eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "262b735f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63736

GET
H/1.1 200
OK jquery-mods.js Show response
pmi.peoplemedia.com/pmicontent/scripts/jquery/ 16 KB
4 KB 37ms
6ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/scripts/jquery/jquery-mods.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

cfc5478dd020fb2ffc443894998449b6480e4df951c9df4eca3c428786af2550

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "262b735f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3623

GET
H/1.1 200
OK menu.js Show response
pmi.peoplemedia.com/pmicontent/v6/scripts/ 3 KB
1 KB 37ms
6ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/v6/scripts/menu.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e69ebd7ae7adb263c13759d66c1daa524fd7c9a0639ffd032b014ab5956688ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:13 GMT
Server: Microsoft-IIS/8.5
ETag: "a8ac525e60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 707

GET
H/1.1 200
OK loggerv2.js Show response
pmi.peoplemedia.com/pmicontent/scripts/ 9 KB
2 KB 41ms
5ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/scripts/loggerv2.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c9b4bd17fdf46d54d9ead1e9c8dc41b2e123d86259177d3a10f419ba6b8cf595

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "548d755f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1462

GET
H/1.1 200
OK stacktrace-min-0.3.js Show response
pmi.peoplemedia.com/pmicontent/scripts/ 4 KB
2 KB 42ms
5ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://pmi.peoplemedia.com/pmicontent/scripts/stacktrace-min-0.3.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

f40c7802fed53bf864c2bb1ed8ae01f70866eb8ec379dbac518053427d904fd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:15 GMT
Server: Microsoft-IIS/8.5
ETag: "548d755f60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1772

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ 12 KB
4 KB 12ms
6ms Script
application/javascript 54.230.45.71
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 54.230.45.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-45-71.fra6.r.cloudfront.net
Software: Server /
Resource Hash: dc6d21fcbae89c0eee2a0c6453be298e95f4e27860b6161bc11d07656c3cdf37

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 18:01:26 GMT
Content-Encoding: gzip
Server: Server
Age: 36162
ETag: 0d5ad011a0e6a41561b786f588f2731b
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f2cc6dbe7150e50a6bc010a2d6868e5f.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4002
X-Amz-Cf-Id: rk3u3Biy-9obbbzKLvJ-FN-FWkB3UFbbSYuVxDGdtnoZesK7LGKPmw==

GET
H/1.1 200
OK jstag Show response
ox-d.match.servedbyopenx.com/w/1.0/ 188 KB
58 KB 33ms
21ms Script
text/javascript 173.241.240.148
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://ox-d.match.servedbyopenx.com/w/1.0/jstag?nc=7214-PM
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 173.241.240.148 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-148.xa.dc.openx.org
Software: OXGW/13.4.1 /
Resource Hash: ffc714425c18ded1ea9ddd51ba921d2b070e00e0828dc553f471ab4a6b9a0b35

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Server: OXGW/13.4.1
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: max-age=3600
Content-Type: text/javascript
Content-Length: 59052
Expires: Tue, 13 Mar 2018 05:04:08 GMT

GET
H/1.1 200
OK logo.png
pmi.peoplemedia.com/pmicontent/166/images/ 3 KB
3 KB 118ms
117ms Image
image/png 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmi.peoplemedia.com/pmicontent/166/images/logo.png

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

00894af01726cb0e9bccda4b7ebd47ad378235257433cd39d6cb9a00f5a3cb28

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Last-Modified: Wed, 07 Mar 2018 22:05:10 GMT
Server: Microsoft-IIS/8.5
ETag: "6311145c60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2608

GET
S 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v9/ 11 KB
11 KB 6ms
6ms Font
font/woff2 172.217.22.99
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v9/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: pmi.peoplemedia.com
URL: https://pmi.peoplemedia.com/pmicontent/scripts/jquery/jquery-1.11.1.min.js

Protocol

SPDY

Server

172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f99.1e100.net

Software

sffe /

Resource Hash

0d613ba0e478b9a0db3481d87caff8cb0bd479ab81cb6e8e3283905ce639a924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400
Origin: http://sdxfg.ga

Response headers

date: Thu, 08 Feb 2018 18:58:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:27:18 GMT
server: sffe
age: 2797513
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 11248
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:58:55 GMT

GET
H/1.1 200
OK bid Show response
aax.amazon-adsystem.com/e/dtb/ 33 B
243 B 56ms
30ms Script
text/javascript 52.94.220.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aax.amazon-adsystem.com/e/dtb/bid?src=3121&u=http%3A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html&cb=6649209
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: HTTP/1.1
Server: 52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: d16786e41bb5f1d2469ee0cef30490242378e4570f62193baad6bb32091e6ec2

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Server: Server
Connection: Keep-Alive
Keep-Alive: timeout=2, max=20
Content-Length: 33
Vary: User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 14 KB
6 KB 46ms
40ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

01eff407cdea0edf4b5ce9e2bd22848e8d9745f981183dd0ce92fdee41f54279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "3 / 784 of 1000 / last-modified: 1520883369"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 6055
X-XSS-Protection: 1; mode=block
Expires: Tue, 13 Mar 2018 04:04:08 GMT

GET
H/1.1 200
OK headerbg.jpg
pmi.peoplemedia.com/pmicontent/166/images/ 5 KB
5 KB 118ms
117ms Image
image/jpeg 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmi.peoplemedia.com/pmicontent/166/images/headerbg.jpg

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3f6c8f3a0506ab9f82c38efb24dddc8810b23fb1d8abdfafd108411f352a42f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pmi.peoplemedia.com/pmicontent/166/theme.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Last-Modified: Wed, 07 Mar 2018 22:05:10 GMT
Server: Microsoft-IIS/8.5
ETag: "1baf115c60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4988

GET
S 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v9/ 11 KB
11 KB 6ms
6ms Font
font/woff2 172.217.22.99
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v9/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f99.1e100.net

Software

sffe /

Resource Hash

9218cb967ae295dee46c9175c68a7b6a8c50577ac465617bd679ee244f93e38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans:700
Origin: http://sdxfg.ga

Response headers

date: Thu, 08 Feb 2018 18:58:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:28:43 GMT
server: sffe
age: 2797513
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 11404
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:58:55 GMT

GET
S

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

172.217.22.110
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 6882
date: Tue, 13 Mar 2018 02:09:26 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 17172
expires: Tue, 13 Mar 2018 04:09:26 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK measure.min.js Show response
asset.pagefair.com/ 11 KB
5 KB 12ms
6ms Script
application/x-javascript 23.111.9.30
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: http://asset.pagefair.com/measure.min.js
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 23.111.9.30 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 100770ceb57c9e10d5283206c1ae0b2b9653a0433021f48e9808751d3900c384

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 17:19:01 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: D5B5240164C9DB10
ETag: "0ebc88ed6f84ce3a1c2f7c4acedf2e13"
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4825
x-amz-id-2: DtnfLOx79j2YNSsEpLeFwPebYo84y6JwPaqAVcWffpS1Dc+cIb4XFE10jPsXMGpNsZ0+Z6YXTNg=

GET
H/1.1 200
OK ads.min.js Show response
asset.pagefair.net/ 0
500 B 11ms
5ms Script
application/x-javascript 23.111.11.222
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: http://asset.pagefair.net/ads.min.js
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 23.111.11.222 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 17:19:02 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: DCB261F335086CD2
ETag: "263dfc0b0e2e32b880781aa6f238a031"
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31
x-amz-id-2: lrkZRB3onBB1ojzRExlRErXVgOAEc9geyK760KHjx7fDiWi0M8E4H2IfU9N9Ylf7zqy6D4mvJCU=

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 108 B
609 B 28ms
15ms Script
application/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sdxfg.ga

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 108 B
609 B 27ms
14ms Script
application/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sdxfg.ga

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_185.js Show response
securepubads.g.doubleclick.net/gpt/ 183 KB
65 KB 63ms
41ms Script
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

sffe /

Resource Hash

90694031e1f9e4cbf15db214cf3a9e86419892d63535e9416e975439c8b6b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Mar 2018 04:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Mar 2018 21:51:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 65842
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 04:04:08 GMT

GET
H/1.1 200
OK adsense.js Show response
asset.pagefair.com/adimages/ 0
503 B 6ms
6ms Script
application/x-javascript 23.111.9.30
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: http://asset.pagefair.com/adimages/adsense.js
Requested by: Host: asset.pagefair.com
URL: http://asset.pagefair.com/measure.min.js
Protocol: HTTP/1.1
Server: 23.111.9.30 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 17:19:01 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: E9EC4F2D3466DAC9
ETag: "8193452d6ae440ec23eff2e1559d5461"
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31
x-amz-id-2: YhBMmqPJ2HPz8X4yMAGM4JRC38b+0Epe5ZPLE+zO/a/KtfE3SDjPveHAymdJXLMdg2AfOyCHWq0=

GET
H/1.1 200
OK textlink-ads.jpg
asset.pagefair.net/adimages/ 518 B
688 B 6ms
6ms Image
image/jpeg 23.111.11.222
netDNA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asset.pagefair.net/adimages/textlink-ads.jpg
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 23.111.11.222 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 87bc265dda5e31597442c420def76eeadb5c516d016213a47f570c65d5558b72

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 17:19:02 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 6821F8BF8A922526
ETag: "262857636d8f02be18171bed8e10c82b"
X-Cache: HIT
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229
x-amz-id-2: Glsdt+55pBoPqP23qZI5y3pQJMpkVi9eJkxrTpr+Vjv0HYg79pu35W0mkjgWg4AD9BKO52E7DHI=

GET
H/1.1 200
OK textlink-ads.jpg
asset.pagefair.com/adimages/ 518 B
688 B 12ms
6ms Image
image/jpeg 23.111.9.30
netDNA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asset.pagefair.com/adimages/textlink-ads.jpg
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 23.111.9.30 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 87bc265dda5e31597442c420def76eeadb5c516d016213a47f570c65d5558b72

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 17:19:02 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 3E7A2FF43E6A742D
ETag: "262857636d8f02be18171bed8e10c82b"
X-Cache: HIT
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229
x-amz-id-2: rC2aG4zttrT4NCLkjtomNFEmN8i4wI1UWPzTqZHjaYzoSrnE5IDT692Tc045Oo4isrmPySSbKnY=

GET
H/1.1 200
OK a.js Show response
stats.pagefair.com/stats/page_view_event/BC55F2ABDA404378/ 25 B
717 B 199ms
100ms XHR
application/javascript 34.201.79.55
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://stats.pagefair.com/stats/page_view_event/BC55F2ABDA404378/a.js?wl_div_hid_t0=0&div_hid_t0=0&s_blk=0&wl_i_blk=0&i_blk=0&is_ab=0&is_wl=1&new_monthly=1&new_daily=1&_=1520913848650
Requested by: Host: pmi.peoplemedia.com
URL: https://pmi.peoplemedia.com/pmicontent/appd/adrum.js
Protocol: HTTP/1.1
Server: 34.201.79.55 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-201-79-55.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2671d72b96d6d9a1b8bbc1429048505ea6dbc3514daf22ab6dd6dfc8a70ce8d3

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
Origin: http://sdxfg.ga
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: http://sdxfg.ga
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-TOKEN
Content-Length: 25

GET
H/1.1

302
Moved Temporarily

acj Show response
ox-d.match.servedbyopenx.com/w/1.0/
Redirect Chain

http://ox-d.match.servedbyopenx.com/w/1.0/acj?ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=250...
http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&b...

0
-1 B

13ms
13ms

XHR

173.241.240.148
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=223%2C315&c.gender=f&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1
Protocol: HTTP/1.1
Server: 173.241.240.148 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-148.xa.dc.openx.org
Software: OXGW/13.4.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Location: http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=223%2C315&c.gender=f&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1
Date: Tue, 13 Mar 2018 04:04:08 GMT
Access-Control-Allow-Credentials: true
Server: OXGW/13.4.1
Access-Control-Allow-Origin: http://sdxfg.ga
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&bt=2500&dims=1600x1200&adxy=223%2C315&c.gender=f&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1
Date: Tue, 13 Mar 2018 04:04:08 GMT
Access-Control-Allow-Credentials: true
Server: OXGW/13.4.1
Access-Control-Allow-Origin: http://sdxfg.ga
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK adrum-ext.dd9fb31bfbfbc5719aa4caed486bc048.js Show response
pmi.peoplemedia.com/pmicontent/appd/ 44 KB
15 KB 337ms
337ms Script
application/javascript 2.18.232.235
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

http://pmi.peoplemedia.com/pmicontent/appd/adrum-ext.dd9fb31bfbfbc5719aa4caed486bc048.js

Requested by

Host: pmi.peoplemedia.com
URL: https://pmi.peoplemedia.com/pmicontent/appd/adrum.js

Protocol

HTTP/1.1

Server

2.18.232.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3498480b9ca24d5a5cb069044634f85d875091a7f49ec9e7b639f35c8ce9c42c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 07 Mar 2018 22:05:14 GMT
Server: Microsoft-IIS/8.5
ETag: "c9355c5e60b6d31:0"
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14910

GET
H/1.1

302
Moved Temporarily

sc Show response
u.openx.net/w/1.0/
Redirect Chain

http://ox-d.match.servedbyopenx.com/w/1.0/acj?cc=1&ai=c705dd00-e696-47b5-9c38-79faff961e64&ju=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&jr=&be=1&prf=0&auid=538758550&aus=300x600%2C300x250&bc=hb_2&b...
http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime....

0
-1 B

13ms
13ms

XHR

173.241.240.148
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1
Protocol: HTTP/1.1
Server: 173.241.240.148 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-148.xa.dc.openx.org
Software: OXGW/13.4.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Location: http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1
Date: Tue, 13 Mar 2018 04:04:08 GMT
Access-Control-Allow-Credentials: true
Server: OXGW/13.4.1
Access-Control-Allow-Origin: http://sdxfg.ga
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1
Date: Tue, 13 Mar 2018 04:04:08 GMT
Access-Control-Allow-Credentials: true
Server: OXGW/13.4.1
Access-Control-Allow-Origin: http://sdxfg.ga
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

302
Moved Temporarily

sc Show response
u.openx.net/w/1.0/
Redirect Chain

http://u.openx.net/w/1.0/sc?r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime....
http://u.openx.net/w/1.0/sc?cc=1&r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Four...

0
-1 B

24ms
12ms

XHR

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://u.openx.net/w/1.0/sc?cc=1&r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1
Protocol: HTTP/1.1
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/13.4.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Location: http://u.openx.net/w/1.0/sc?cc=1&r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1
Date: Tue, 13 Mar 2018 04:04:08 GMT
Server: OXGW/13.4.1
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location: http://u.openx.net/w/1.0/sc?cc=1&r=http%3A%2F%2Fox-d.match.servedbyopenx.com%2Fw%2F1.0%2Facj%3Fcc%3D1%26ai%3Dc705dd00-e696-47b5-9c38-79faff961e64%26ju%3Dhttp%253A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html%26jr%3D%26be%3D1%26prf%3D0%26auid%3D538758550%26aus%3D300x600%252C300x250%26bc%3Dhb_2%26bt%3D2500%26dims%3D1600x1200%26adxy%3D223%252C315%26c.gender%3Df%26res%3D1600x1200x24%26plg%3Dpm%26ch%3DUTF-8%26tz%3D0%26ws%3D1600x1200%26ifr%3D0%26tws%3D1600x1200%26vmt%3D1%26sd%3D1
Date: Tue, 13 Mar 2018 04:04:08 GMT
Server: OXGW/13.4.1
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 200ms
199ms XHR
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=404075680179418&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061212%2C21061645%2C21061149%2C21061721&sc=0&sfv=1-0-17&iu_parts=7214%2Cmat.ot%2CLogout&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=800x600%7C300x250%7C300x600&prev_scp=ad_group%3Dad_ex4%26tile%3D1%26dc_ref%3D%252Fv3%252Flogout%26oxb%3D300x600_0%252Chb-bid-3fed7759330487&cust_params=s%3Dpm%26gender%3Df%26gp%3D1%26mm%3D0%26ord%3D176514393&cookie_enabled=1&abxe=1&lmt=1500598452&dt=1520913849013&frm=20&biw=1585&bih=1200&oid=3&adxs=223&adys=315&adks=1941051647&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsdxfg.ga%2Fio%2FOurtime%2Fourtime.html&dssz=31&icsg=2147483656&std=0&vrg=185&vis=1&scr_x=0&scr_y=0&ga_vid=1256351327.1520913849&ga_sid=1520913849&ga_hid=740421100

Requested by

Host: pmi.peoplemedia.com
URL: https://pmi.peoplemedia.com/pmicontent/appd/adrum.js

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

cafe /

Resource Hash

a912900e5c4b5dbb42cfe299c0fe8ba8fa47310aeb9fd07bbb7a3f190d3c8ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
Origin: http://sdxfg.ga

Response headers

date: Tue, 13 Mar 2018 04:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 1775
x-xss-protection: 1; mode=block
google-lineitem-id: 90281283
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 31622194083
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://sdxfg.ga
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_185.js Show response
securepubads.g.doubleclick.net/gpt/ 40 KB
14 KB 40ms
40ms Script
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_185.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

sffe /

Resource Hash

e9601276327857c754be1542416018e457b23493f2424f861429bf6d5413d58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Mar 2018 04:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Mar 2018 21:51:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 14327
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 04:04:09 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-17/html/ 0
0 12ms
6ms Other
text/html 216.58.208.33
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-17/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js

Protocol

HTTP/1.1

Server

216.58.208.33 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 28 Feb 2018 18:50:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Feb 2018 14:43:12 GMT
Server: sffe
Age: 1069993
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1451
X-XSS-Protection: 1; mode=block
Expires: Thu, 28 Feb 2019 18:50:56 GMT

GET
H/1.1 200
OK 4612.js Show response
ads.rubiconproject.com/ad/ Frame BDFB 26 KB
7 KB 22ms
6ms Script
text/javascript 104.108.38.156
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/4612.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js
Protocol: HTTP/1.1
Server: 104.108.38.156 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-38-156.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 6010b9e4de0ae092bf0e811fb16268663f6d992dad99c7f7f054714b0c8f0fe2

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2146
Connection: keep-alive
Content-Length: 7334
Expires: Tue, 13 Mar 2018 04:39:55 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180307/r20110914/activeview/ Frame BDFB 71 KB
26 KB 20ms
6ms Script
text/javascript 216.58.208.33
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180307/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js

Protocol

SPDY

Server

216.58.208.33 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f1.1e100.net

Software

cafe /

Resource Hash

8f9c6d53912d22f00fab4ac2814ffdc78eff4cd6cc3426139637b3bd4f2e3a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 07 Mar 2018 14:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 26418
x-xss-protection: 1; mode=block
server: cafe
etag: 16391050125601492395
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Mar 2018 14:04:37 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/matchmediagroupdfp20782010048/ Frame BDFB 245 KB
75 KB 30ms
6ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/matchmediagroupdfp20782010048/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js
Protocol: HTTP/1.1
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01637035317fa09366cb250bb0c07b30156bb3c931b78177c74b4eb6c96d0acb

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Mar 2018 04:04:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Mar 2018 22:28:05 GMT
Server: AmazonS3
x-amz-request-id: EF1F3E976C2591BF
ETag: "daf6ed46be73a935d9f7b3a12fc8f6af"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31225
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76586
x-amz-id-2: ruQQpO2+asPv85ul//6i7ZEjFaX17kPPCNDEOelgFa6TUQKiNIWA+0I1wnUpWa+lAwbT/AfyAUk=

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 74 KB
27 KB 13ms
7ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_185.js

Protocol

HTTP/1.1

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

89d4b11653ec6bea136567153d34b29db6061ed0f089971446c25fa6e367104e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 13 Mar 2018 03:20:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2606
ETag: 12855780180436355008
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 27570
X-XSS-Protection: 1; mode=block
Expires: Tue, 13 Mar 2018 04:20:43 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDFB 0
74 B 16ms
16ms Image
text/html 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ-46ODwpEmVITiWLhng1BfPDrJqsiG8bCvjRzmdy5ezlcZwyCtVWCwfsTXjRRu5j0NjsTqtQsVNn9Im5_WVXRUajinmgdL9pWgJo7UV5vDNQdTPjDVdVUO2qO2sZFSfA6FgxN_-GKv6csAIW3nRpPFbzxEPwABg8U3Oa4pFY4C9eaj64C0kj9gXMcF76Lhl4kW0HpD-R-Gikfiy5x-pfzgHWlsShQpGBeu5HGbq2O&sig=Cg0ArKJSzP3QCJ0r6UtmEAE&urlfix=1&adurl=

Requested by

Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Mar 2018 04:04:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 26550-10.js Show response
optimized-by.rubiconproject.com/a/4612/6230/ Frame BDFB 2 KB
2 KB 54ms
46ms Script
text/javascript 62.67.193.96
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/4612/6230/26550-10.js?&cb=0.4816517214627276&tk_st=1&rf=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&rp_s=c&tg_v.gender=f&p_pos=atf&p_screen_res=1600x1200&ad_slot=6230_10
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/4612.js
Protocol: HTTP/1.1
Server: 62.67.193.96 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 1244f0005afef47e423b40dc08b9ac07561ddee918467c38c4d31e8aaa024da6

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Mar 2018 04:04:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=96
Content-Length: 911
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame BDFB 52 KB
21 KB 18ms
17ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/4612/6230/26550-10.js?&cb=0.4816517214627276&tk_st=1&rf=http%3A//sdxfg.ga/io/Ourtime/ourtime.html&rp_s=c&tg_v.gender=f&p_pos=atf&p_screen_res=1600x1200&ad_slot=6230_10

Protocol

HTTP/1.1

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

00320125a523f1fb3a428a6a58ad6b241ecd67fdb3bd15be93ddda3a75d4f8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 13 Mar 2018 04:04:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8331436723917063950
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 20573
X-XSS-Protection: 1; mode=block
Expires: Tue, 13 Mar 2018 04:04:09 GMT

GET
H/1.1 200
OK 2172e15a-1d26-46b6-bf80-cb88554ac964
beacon-eu2.rubiconproject.com/beacon/d/ Frame BDFB 43 B
268 B 14ms
7ms Image
image/webp 62.67.193.63
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/2172e15a-1d26-46b6-bf80-cb88554ac964?oo=0&accountId=4612&siteId=6230&zoneId=26550&e=6A1E40E384DA563BC17FF89AA78D46319C7405C734F84C4B4A05083B86E0B4BF69E0E516F8E76716C6F1078EC71D88939954124E1850BA70A92500FE5DA6E7E34099852335E8BCC918F8D5065777BA6E68670CCDB54A6D2ED652CEDA8027500D8C4F911677422D9F1706BA9836315906139E40E66E36418584D3F259FEE44F3F0B5CA576A8C3A2351B306DECBE4FFA69E82A954C1004678A
Requested by: Host: sdxfg.ga
URL: http://sdxfg.ga/io/Ourtime/ourtime.html
Protocol: HTTP/1.1
Server: 62.67.193.63 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Mar 2018 04:04:08 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame BDFB 108 B
174 B 14ms
14ms Script
application/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sdxfg.ga

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Mar 2018 04:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame BDFB 108 B
174 B 14ms
14ms Script
application/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sdxfg.ga

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Mar 2018 04:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 ca-pub-2475780245225692.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame BDFB 68 B
472 B 19ms
6ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2475780245225692.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 12 Mar 2018 19:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 30294
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 88
x-xss-protection: 1; mode=block
expires: Tue, 13 Mar 2018 07:39:15 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180307/r20170110/ Frame 3B89 179 KB
67 KB 24ms
24ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180307/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

3374a1abd03bb88b98c5744f0fac3b343d11a501738be89c113d76501c9c11f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 13 Mar 2018 04:04:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8509821445481744142
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 67882
X-XSS-Protection: 1; mode=block
Expires: Tue, 13 Mar 2018 04:04:09 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180307/r20170110/ Frame 3B89 74 KB
27 KB 23ms
22ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180307/r20170110/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180307/r20170110/show_ads_impl.js

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

89d4b11653ec6bea136567153d34b29db6061ed0f089971446c25fa6e367104e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 07 Mar 2018 14:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 27570
x-xss-protection: 1; mode=block
server: cafe
etag: 12855780180436355008
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Mar 2018 14:12:18 GMT

POST
H/1.1 200
OK adrum Show response
appd-eum.match.com/eumcollector/beacons/browser/v1/EUM-AAB-AUM/ 0
322 B 503ms
126ms XHR
text/html 208.83.240.87
Match.com

General

Check archive.org

Show headers Download Go to

Full URL: https://appd-eum.match.com/eumcollector/beacons/browser/v1/EUM-AAB-AUM/adrum
Requested by: Host: pmi.peoplemedia.com
URL: https://pmi.peoplemedia.com/pmicontent/appd/adrum.js
Protocol: HTTP/1.1
Server: 208.83.240.87 Dallas, United States, ASN19071 (MATCHCOM - Match.com, L.L.C., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
Origin: http://sdxfg.ga
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Mar 2018 04:04:38 GMT
Vary: *
Content-Type: text/html
Access-Control-Allow-Origin: *
AppD-Request-Id: 53d1882081225b8f
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Transfer-Encoding: chunked
Expires: 0

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BDFB 42 B
178 B 15ms
15ms Image
image/gif 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGWNnzdjOybT89RWY3-qDGM_ZUBREmYYFk3AAE4LrDMuAlDTMqwavs7e-Lu9eTp-dpdP1pkHYjE55_sL9AE9JGXkbAGb3FJ_c&sig=Cg0ArKJSzO4r-J980O0LEAE&id=osdim&ti=1&adk=1941051647&tt=1592&bs=1585,1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=315,223,915,523&zac=1&inapp=0&mcvt=1010&rs=3&ht=0&tfs=583&tls=1593&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,1110&ss=1600,1200&pt=1&deb=1-1-1-3-16-9-17-14&tvt=1583&op=1&avms=geo&r=v&uc=10&tgt=INS&cl=1&cec=14&clc=1&cac=0&cd=300x600&v=r20180307

Protocol

SPDY

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sdxfg.ga/io/Ourtime/ourtime.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Mar 2018 04:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ourtime.com (Online)

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sdxfg.ga/	1969-12-31 23:59:59	Name: OX_BI Value:
sdxfg.ga/	1969-12-31 23:59:59	Name: OX_digitrust_id Value:
sdxfg.ga/	1970-01-18 14:29:45	Name: bm_daily_unique Value: true
sdxfg.ga/	1969-12-31 23:59:59	Name: OX_plg Value: pm
sdxfg.ga/	1970-01-18 14:55:40	Name: bm_monthly_unique Value: true
sdxfg.ga/	1969-12-31 23:59:59	Name: OX_digitrust_id_exp Value:
sdxfg.ga/	1969-12-31 23:59:59	Name: OX_BI_TS Value:
sdxfg.ga/	1970-01-23 06:41:45	Name: bm_last_load_status Value: NOT_BLOCKING
sdxfg.ga/	1970-01-18 14:28:35	Name: OX_sd Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
appd-eum.match.com
asset.pagefair.com
asset.pagefair.net
beacon-eu2.rubiconproject.com
c.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
optimized-by.rubiconproject.com
ox-d.match.servedbyopenx.com
pagead2.googlesyndication.com
pmi.peoplemedia.com
sdxfg.ga
securepubads.g.doubleclick.net
stats.pagefair.com
tpc.googlesyndication.com
u.openx.net
www.google-analytics.com
www.googletagservices.com
z.moatads.com
104.108.38.156
172.217.22.106
172.217.22.110
172.217.22.66
172.217.22.98
172.217.22.99
173.241.240.143
173.241.240.148
2.18.232.235
2.18.235.40
208.83.240.87
216.58.208.33
23.111.11.222
23.111.9.30
34.201.79.55
52.94.220.16
54.230.45.71
62.67.193.63
62.67.193.96
80.211.246.161
00320125a523f1fb3a428a6a58ad6b241ecd67fdb3bd15be93ddda3a75d4f8ca
00894af01726cb0e9bccda4b7ebd47ad378235257433cd39d6cb9a00f5a3cb28
01637035317fa09366cb250bb0c07b30156bb3c931b78177c74b4eb6c96d0acb
01eff407cdea0edf4b5ce9e2bd22848e8d9745f981183dd0ce92fdee41f54279
0beb05bc319cf0a3e605fd380575f62ce90ebf05b056481647e755ef3e67e2eb
0d613ba0e478b9a0db3481d87caff8cb0bd479ab81cb6e8e3283905ce639a924
100770ceb57c9e10d5283206c1ae0b2b9653a0433021f48e9808751d3900c384
1244f0005afef47e423b40dc08b9ac07561ddee918467c38c4d31e8aaa024da6
1c4166837ed5a8db25fc85a4fda3052f3aa486906e89401b1d7c8a21946c11c2
2671d72b96d6d9a1b8bbc1429048505ea6dbc3514daf22ab6dd6dfc8a70ce8d3
3374a1abd03bb88b98c5744f0fac3b343d11a501738be89c113d76501c9c11f2
3498480b9ca24d5a5cb069044634f85d875091a7f49ec9e7b639f35c8ce9c42c
3f6c8f3a0506ab9f82c38efb24dddc8810b23fb1d8abdfafd108411f352a42f1
5739a1525362be4c864dd6dedfcdbd7344fa0867543884b1fc37f62d122976c2
6010b9e4de0ae092bf0e811fb16268663f6d992dad99c7f7f054714b0c8f0fe2
66a44a1d8000f828bd687fd72a52a8952e4958c78c40c2831ca224474be628dd
68145136ca159c789a19c2da9c45a4666eac968074c3a86d2b9023d089493716
6fd8d79dbc9c61829d8dfbb70e1eaddbcfd88c4f891150e48d7cf582910153fd
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
87bc265dda5e31597442c420def76eeadb5c516d016213a47f570c65d5558b72
89d4b11653ec6bea136567153d34b29db6061ed0f089971446c25fa6e367104e
8a5a9a6139ec201e3cfe3a01f1d3fe20ba83bd2a95397d5d5b9c974ad2f5d031
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8f9c6d53912d22f00fab4ac2814ffdc78eff4cd6cc3426139637b3bd4f2e3a41
90694031e1f9e4cbf15db214cf3a9e86419892d63535e9416e975439c8b6b346
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9218cb967ae295dee46c9175c68a7b6a8c50577ac465617bd679ee244f93e38b
a912900e5c4b5dbb42cfe299c0fe8ba8fa47310aeb9fd07bbb7a3f190d3c8ac1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bfcfa4f55447b8f8cd5a9a5f960e6be9d28691f08d0e0659b969222ce19cc63c
c9b4bd17fdf46d54d9ead1e9c8dc41b2e123d86259177d3a10f419ba6b8cf595
ce8b2b5bd33eb86ca274ea60cc51f0f2eec21a78b38fdf082849e43c427f42b1
cfc5478dd020fb2ffc443894998449b6480e4df951c9df4eca3c428786af2550
d16786e41bb5f1d2469ee0cef30490242378e4570f62193baad6bb32091e6ec2
dc6d21fcbae89c0eee2a0c6453be298e95f4e27860b6161bc11d07656c3cdf37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69ebd7ae7adb263c13759d66c1daa524fd7c9a0639ffd032b014ab5956688ff
e9601276327857c754be1542416018e457b23493f2424f861429bf6d5413d58c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40c7802fed53bf864c2bb1ed8ae01f70866eb8ec379dbac518053427d904fd0
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
ffc714425c18ded1ea9ddd51ba921d2b070e00e0828dc553f471ab4a6b9a0b35
fff2adeb01489d2244dc132d00f886bf779b3c5be7b31ff2a9762e847e3d566a

sdxfg.ga Open in urlscan Pro 80.211.246.161 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

0 %HTTPS

0 %IPv6

18 Domains

23 Subdomains

20 IPs

6 Countries

623 kBTransfer

1782 kBSize

9 Cookies

9 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sdxfg.ga Open in urlscan Pro
80.211.246.161 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

0 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

20
IPs

6
Countries

623 kB
Transfer

1782 kB
Size

9
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!