64.62.227.27 Open in urlscan Pro
64.62.227.27 Public Scan

URL:
http://64.62.227.27/
Submission: On May 06 via manual (May 6th 2020, 8:12:37 am UTC) from PH

Summary HTTP 178 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 56 IPs in 12 countries across 58 domains to perform 178 HTTP transactions. The main IP is 64.62.227.27, located in Fremont, United States and belongs to HURRICANE, US. The main domain is 64.62.227.27.

This is the only time 64.62.227.27 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	64.62.227.27 64.62.227.27	6939 (HURRICANE) (HURRICANE)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2401:c900:110... 2401:c900:1101:143:9::e	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700:303... 2606:4700:3033::681b:8fb8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81c::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6818:7392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:8646	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.64.241.5 13.64.241.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.172.73.102 35.172.73.102	14618 (AMAZON-AES) (AMAZON-AES)
1	151.139.243.2 151.139.243.2	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19a::2461	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	198.151.217.193 198.151.217.193	22671 (AAAS) (AAAS)
1	131.112.112.128 131.112.112.128	9367 (TITECH To...) (TITECH Tokyo Institute of Technology)
1	132.148.46.86 132.148.46.86	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
1	54.164.167.223 54.164.167.223	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::681c:1cf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 17	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.29.196 188.42.29.196	7979 (SERVERS) (SERVERS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
1 1	138.201.86.121 138.201.86.121	24940 (HETZNER-AS) (HETZNER-AS)
8 8	3.121.253.254 3.121.253.254	16509 (AMAZON-02) (AMAZON-02)
1 1	176.9.0.138 176.9.0.138	24940 (HETZNER-AS) (HETZNER-AS)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	34.252.71.88 34.252.71.88	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	172.227.85.103 172.227.85.103	16625 (AKAMAI-AS) (AKAMAI-AS)
13	52.209.203.124 52.209.203.124	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
3 3	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	18.156.133.187 18.156.133.187	16509 (AMAZON-02) (AMAZON-02)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:209... 2600:9000:2093:c800:5:ff17:fd00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	63.128.3.112 63.128.3.112	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
1	157.150.185.49 157.150.185.49	2647 (SITA) (SITA)
6 12	2606:4700:20:... 2606:4700:20::681a:70b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3035::6818:73a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.3.164 104.18.3.164	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	204.13.239.203 204.13.239.203	55106 (DATACATE-AS1) (DATACATE-AS1)
1	35.227.16.122 35.227.16.122	15169 (GOOGLE) (GOOGLE)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	54.210.183.23 54.210.183.23	14618 (AMAZON-AES) (AMAZON-AES)
2	54.230.183.36 54.230.183.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
178	56

47 64.62.227.27 (Fremont, United States)

ASN6939 (HURRICANE, US)

64.62.227.27	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2401:c900:1101:143:9::e (Singapore)

ASN36351 (SOFTLAYER, US)

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:8fb8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalblaze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6818:7392 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

media1.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8646 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.64.241.5 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.geosociety.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.73.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-73-102.compute-1.amazonaws.com

news.rice.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.243.2 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cpb-us-e1.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19a::2461 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

www.cdc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.151.217.193 (Washington, United States)

ASN22671 (AAAS, US)
PTR: ekamedia03.eurekalert.org

media.eurekalert.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.112.112.128 (Tokyo, Japan)

ASN9367 (TITECH Tokyo Institute of Technology, JP)
PTR: www3.elsi.titech.ac.jp

www.elsi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.148.46.86 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-132-148-46-86.ip.secureserver.net

www.dodgingdeception.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.167.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.newswise.com

www.newswise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681c:1cf1 (United States)

ASN13335 (CLOUDFLARENET, US)

jamesredpillsamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net

www.nowtheendbegins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.19.135.78 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.86.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.86.201.138.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.121.253.254 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-253-254.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.0.138 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.138.0.9.176.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.71.88 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-71-88.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.227.85.103 (United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a172-227-85-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.209.203.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.159 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.88 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.133.187 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-133-187.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:c800:5:ff17:fd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.noaa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.128.3.112 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)

www.aftau.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.150.185.49 (New York, United States)

ASN2647 (SITA, BE)
PTR: www.un.org

www.un.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:70b (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

beforeitsnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.168.118 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6818:73a2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pixelproductionsinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.3.164 (United States)

ASN13335 (CLOUDFLARENET, US)

www.teslarati.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.13.239.203 (United States)

ASN55106 (DATACATE-AS1, US)
PTR: jetnation.com

www.jetnation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.16.122 (United States)

ASN15169 (GOOGLE, US)
PTR: 122.16.227.35.bc.googleusercontent.com

wels.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.183.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-183-23.compute-1.amazonaws.com

ri.amurege.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.183.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-36.ham50.r.cloudfront.net

cdn.amurege.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	revcontent.com trends.revcontent.com cdn.revcontent.com img.revcontent.com	394 KB
17	mgid.com 2 redirects jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com c.mgid.com	81 KB
17	youtube.com img.youtube.com www.youtube.com	403 KB
12	beforeitsnews.com 6 redirects beforeitsnews.com	268 KB
8	bidswitch.net 8 redirects x.bidswitch.net	4 KB
7	mfadsrvr.com 7 redirects rtb-usw.mfadsrvr.com rtb.mfadsrvr.com	4 KB
6	blogspot.com 4.bp.blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com	173 KB
5	scorecardresearch.com 2 redirects b.scorecardresearch.com sb.scorecardresearch.com	4 KB
5	gstatic.com fonts.gstatic.com	78 KB
5	ytimg.com i.ytimg.com	351 KB
4	amurege.com ri.amurege.com cdn.amurege.com	532 KB
4	wp.com i0.wp.com i2.wp.com i1.wp.com	349 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	zemanta.com 3 redirects b1sync.zemanta.com	2 KB
3	criteo.net static.criteo.net	30 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
2	bttrack.com bttrack.com	760 B
2	lockerdome.com lockerdome.com
2	criteo.com bidder.criteo.com	282 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	wordpress.com justusaknight.files.wordpress.com	2 MB
2	naturalnews.com www.naturalnews.com	294 KB
2	tapnewswire.com tapnewswire.com	45 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	wels.net wels.net	5 KB
1	jetnation.com www.jetnation.com	433 KB
1	teslarati.com www.teslarati.com	33 KB
1	pixelproductionsinc.com www.pixelproductionsinc.com	218 KB
1	paypalobjects.com www.paypalobjects.com	230 B
1	un.org www.un.org	105 KB
1	aftau.org www.aftau.org	64 KB
1	noaa.gov www.noaa.gov	543 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	pubmatic.com simage2.pubmatic.com	873 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	229 B
1	loopme.me 1 redirects csync.loopme.me	190 B
1	lentainform.com cm.lentainform.com	329 B
1	idealmedia.io cm.idealmedia.io	547 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	181 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	nowtheendbegins.com www.nowtheendbegins.com	278 KB
1	jamesredpillsamerica.com jamesredpillsamerica.com	457 KB
1	newswise.com www.newswise.com	107 KB
1	dodgingdeception.com www.dodgingdeception.com	45 KB
1	elsi.jp www.elsi.jp	90 KB
1	eurekalert.org media.eurekalert.org	85 KB
1	wikimedia.org upload.wikimedia.org	81 KB
1	cdc.gov www.cdc.gov	438 KB
1	wpmucdn.com cpb-us-e1.wpmucdn.com	31 KB
1	rice.edu 1 redirects news.rice.edu	229 B
1	geosociety.org www.geosociety.org	19 MB
1	tenor.com media1.tenor.com	219 KB
1	iili.io iili.io	3 MB
1	naturalblaze.com www.naturalblaze.com	32 KB
178	58

	Domain	Requested by
15	img.youtube.com	64.62.227.27
13	trends.revcontent.com	64.62.227.27 trends.revcontent.com cdn.revcontent.com
12	beforeitsnews.com	6 redirects
8	x.bidswitch.net	8 redirects
8	cm.mgid.com	jsc.mgid.com 64.62.227.27
5	img.revcontent.com	jsc.mgid.com
5	rtb.mfadsrvr.com	5 redirects
5	fonts.gstatic.com	64.62.227.27
5	i.ytimg.com	64.62.227.27
4	sb.scorecardresearch.com	2 redirects 64.62.227.27
4	jsc.mgid.com	2 redirects 64.62.227.27
4	1.bp.blogspot.com	64.62.227.27
3	ib.adnxs.com	3 redirects
3	b1sync.zemanta.com	3 redirects
3	static.criteo.net	jsc.mgid.com 64.62.227.27
2	cdn.amurege.com	jsc.mgid.com
2	ri.amurege.com
2	cdn.revcontent.com	64.62.227.27
2	www.youtube.com	64.62.227.27
2	bttrack.com
2	lockerdome.com	cdn2.lockerdomecdn.com
2	bidder.criteo.com	static.criteo.net
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	c.mgid.com	64.62.227.27
2	servicer.mgid.com	jsc.mgid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	justusaknight.files.wordpress.com	64.62.227.27
2	i0.wp.com	64.62.227.27
2	www.naturalnews.com	64.62.227.27
2	tapnewswire.com	64.62.227.27
2	fonts.googleapis.com	64.62.227.27
1	i1.wp.com
1	i2.wp.com
1	wels.net
1	www.jetnation.com
1	www.teslarati.com
1	www.pixelproductionsinc.com
1	www.paypalobjects.com
1	3.bp.blogspot.com
1	www.un.org
1	www.aftau.org
1	www.noaa.gov
1	cdn.onesignal.com	64.62.227.27
1	cdn2.lockerdomecdn.com	64.62.227.27
1	simage2.pubmatic.com	64.62.227.27
1	bidswitch-eu.splicky.com	1 redirects
1	csync.loopme.me	1 redirects
1	cm.lentainform.com	64.62.227.27
1	cm.idealmedia.io	64.62.227.27
1	cdn.mgid.com	64.62.227.27
1	b.scorecardresearch.com	jsc.mgid.com
1	www.google.de	64.62.227.27
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	64.62.227.27
1	www.nowtheendbegins.com	64.62.227.27
1	jamesredpillsamerica.com	64.62.227.27
1	www.newswise.com	64.62.227.27
1	4.bp.blogspot.com	64.62.227.27
1	www.dodgingdeception.com	64.62.227.27
1	www.elsi.jp	64.62.227.27
1	media.eurekalert.org	64.62.227.27
1	upload.wikimedia.org	64.62.227.27
1	www.cdc.gov	64.62.227.27
1	cpb-us-e1.wpmucdn.com	64.62.227.27
1	news.rice.edu	1 redirects
1	www.geosociety.org	64.62.227.27
1	media1.tenor.com	64.62.227.27
1	iili.io	64.62.227.27
1	www.naturalblaze.com	64.62.227.27
178	73

This site contains links to these domains. Also see Links.

Domain
telegram.org
t.me
tinyurl.com
beforeitsnews.com
www.herbanomic.com
mitocopper.com
forum.beforeitsnews.com
www.youtube.com
trends.revcontent.com
widgets.mgid.com
prolesanpure
dream-singles.com
do_you_want_to_meet_the_prettiest_asian_girl_right_now
www.5starshine.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-06` - `2020-10-09`	a year	crt.sh
edgestatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
q2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-01` - `2020-08-29`	5 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
*.geosociety.org DigiCert SHA2 Secure Server CA	`2019-05-31` - `2021-06-04`	2 years	crt.sh
*.wpmucdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-05` - `2021-05-05`	2 years	crt.sh
www.cdc.gov GeoTrust RSA CA 2018	`2019-12-02` - `2020-12-31`	a year	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh
*.eurekalert.org DigiCert SHA2 High Assurance Server CA	`2019-07-25` - `2021-10-27`	2 years	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.newswise.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-19` - `2020-05-17`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
nowtheendbegins.com Go Daddy Secure Certificate Authority - G2	`2020-02-23` - `2021-02-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
revcontent.com Amazon	`2019-09-19` - `2020-10-19`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2019-09-27` - `2020-11-26`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
www.noaa.gov Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
www.aftau.org GeoTrust TLS RSA CA G1	`2019-09-20` - `2021-12-19`	2 years	crt.sh
*.un.org COMODO RSA Organization Validation Secure Server CA	`2018-12-11` - `2020-12-10`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
www.teslarati.com CloudFlare Inc ECC CA-2	`2020-03-18` - `2020-10-09`	7 months	crt.sh
jetnation.com Let's Encrypt Authority X3	`2020-04-06` - `2020-07-05`	3 months	crt.sh
wels.net Let's Encrypt Authority X3	`2020-03-12` - `2020-06-10`	3 months	crt.sh
cdn.revcontent.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2020-07-09`	3 months	crt.sh
amurege.com Amazon	`2019-10-08` - `2020-11-08`	a year	crt.sh
img.revcontent.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2020-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://64.62.227.27/
Frame ID: 5CC37082E767936C9165FB50B0524FDF
Requests: 170 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Frame ID: 30AD30B8D8C58EED8394B64D0AD83C5A
Requests: 2 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Frame ID: 40E239DF3AF2B0D7E77D7B72713DAC9A
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1588752721335114120036
Frame ID: A01CAACF464B1649AE3388C7D9878F35
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=http%3A%2F%2F64.62.227.27&rid=&width=370
Frame ID: A201DA3437801AA8D5933BC958479023
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=http%3A%2F%2F64.62.227.27&rid=&width=370
Frame ID: F3053CEBAD3BABEC93425D1733A78995
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/52G6iYJNARI?rel=0&autoplay=0&mute=0
Frame ID: 8B916645DF99F07888EA72F0530A57BC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Lq4dA-G1ig8?rel=0&autoplay=0&mute=0
Frame ID: 4FA711E3DBB7392499A5C433E786E147
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

178
Requests

68 %
HTTPS

38 %
IPv6

58
Domains

73
Subdomains

56
IPs

12
Countries

30738 kB
Transfer

31641 kB
Size

0
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxsj8ra9
Title: I Killed Bruce Lee with the Death Touch - Caution: Don't Use it Unless Your Life is in DANGER!

Search URL Search Domain Scan URL

URL: https://beforeitsnews.com/newsletter/
Title: Get the BeforeitsNews Newsletter! Turn OFF all Fake News for VICTORY!

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yyrxgzfo

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/emf-blocking-smart-meter
Title: Try THIS Smart Meter Shield and Cut Radiation by 98%! It's Why the Illuminati Are Freaking Out! (VIDEO)

Search URL Search Domain Scan URL

URL: https://mitocopper.com/product/ultracur-bioavailable-curcumin-complex/
Title: This Curcumin is 14,000 Stronger for Fighting Pain and Inflammation! (VIDEO)

Search URL Search Domain Scan URL

URL: http://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://beforeitsnews.com/v3/donate/
Title: Get in the Fight! Tithe to our Ministry and Help Finish Recording God's Word Seen on Every Page!

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y23ghhwe
Title: Try This Ancient Device and You'll Never Have High Monthly Electric Bills Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=r0CoLYD2Ab8QO5ej7AVAC6ipsnv5hLyOSZ%2BugUWlLruIH33799U%2BvvKln7NNILRJ2qotzIS5HdJgUw%2BTXpAUlifFvDkId5uIVgWtClcLpRWtMi31VUIY8eKUu31BghVH1N2wkMdBCUOaTh7dJE1voOA13e5JbxsTXHf0jhFkcnF6l8b70MXsb%2F1apOHxUFLqWjPxr9CQTMRqlhe17beaVwy5EyImu7P%2BJI06yEoxdH7lYSMIpWbdLCTPR%2Ft6XhLEh9tk2jsPj2HFF6I%2B3%2BuSG98Gok9BNNoJtGZR5%2BVXaxYK3XT2tfAfWzdJxSB7t8oJUnpc%2Ff%2B%2BaVn%2BVzs9nxMhXbUGN18%2BNlDKmrjPSAWTX%2Bcp0w6BCYYeMW%2BRNy19NHf4j5hu8EsqKWik88ilcqy7mu6a9714jXkD%2BbcO5D6xNNg9T4yfQAaNkstQzpyReNcI8XpHH%2Ffm%2FjEfFFZR8Qnth31YpCElN0tEUpfngo27yGe5w2XjcM91mUrn4hl70ie6f03UgJw0Tm7aeIJ%2Fo%2Bpx5blHFnNrloXJXWS%2FqQwYGgyMYzGKNJonw0uHURapt2bCD1OfbPwwx2Z3OmYefTzVCh1IMTikh9C00j3ZscmUbVRE1L31bNtja%2FK1UI3cfFNwnQjvO8WNDfCit9HZ8ZXsZtY73Oqq7Y66Idm9PTYtdgkieL%2Bjfqz%2BQVg59k%2BKCys0XylmMw1m7czcQZ4sPRpfr%2FQCLxl3XjkwtyP7qETbKqeYK9u1%2FmXlhezSyFf75kZ4mMYOPm2CKWWtAmy4KDBfjO3og7gYZKNZKjNJaH1CASDSCTg4x2twDiGNxCNofleih1eHxi9ru1Yx6Go9znU7ndXGgbKD%2BoiFvX6UdSj7X94Va9u9WoqIPgHOB6uw6mXtdIWG2POfB2rDa3OzVnZTGcVvhEBFxZ3jR%2F0D86vSC0qyh1dvDmp7od%2FeCpkxmfzg2U19mp2HGr84OMgcKBdSjlZj9eU4dVYR%2FHTh%2BfkzxV%2F7jLgxT19J41tyeUuDE5k8Rr82hHvms4qJCZmYP4AepYSiIoCpgUBIKUJmRImyOuQnXbv6r4tdA3tmMbXFukDL1%2BdlrD1tVIiLeMLoxLU04B4z3n0rxwpkThHNW64s8OnCBV6NmbRad2kFzNRSkIGmxOc05nXM1SzSS8FqZrydsipSgN9Ov7J7JSuzv7xNw5k4gBnyYkaUb03htbpLAN4EFBKxghTCxOky79UDT8Gmb3nMoITCkyRtpka3nNDkIhlU1%2Fh5%2FENdXY0FYpo3Llo63k%2Fv18fPxCM5mYugQEm26x1ti9Cmua6o3E7hgeetv2GzAxt2ax39gAFk5AgoiX%2FIFGsGJjxLFF7XINgN2SNos8mBrugjxn%2BwNXApcUexUJwXU%2FxJO%2BNtlJ9ncWsQYIH%2FxYR%2FGPYhoh6RIK8BOhDZ1Tb%2FBPlQQGDR%2BK%2BYMdP6kPIq5DBopJWPsWMU1wtvjo3ryMDn2sktUHdGeyX9tVgvsakP%2F24x3EipiFB3OXxgMu5x3CbBuD0LQApPNjJivMuMxjeGtv0oOx0ZFEfFxwTlGz89X4bv7Be1odrYqalVNSbwCwa3%2F9c5r4ar5IptL7S8&s2s=1
Title: SENASTE NYHETER: Stockholm!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=N4VA%2FMdQWvVIJU6Wvbf3zqLtN7NF1Mz1xqOBs9t%2B9vpOZiVIG88oIIZtOWki2ueryIDiwYSSkLHCCUWpSNhrOrtXiSjwxPkJnLbkX8wbWboeyohccAsEngk%2FWvr10CN9d21BGWrp%2Bgm566csEszkxAJwRLS2B8xMGRJ00SHb946uvLboVaJgSNuP8%2BaxaJgj96fKyaA5ytjHWaOC87YL22iU%2FuZepIUa3KOk7r%2BLXyD7EkOPb0gRfJc70I8a2Ebk8OqoIKWuBRnwMaWU4GpEyQ%2B7jsvdmxDI77wqw73oYuCoq2EZhNyZ%2F9%2F4hKKof558RTDmUySQFdqnCNGB7dR886YrQhV2PT60zQhsNzRn0oTVTi01CMB%2BkIubUDeUQrhN%2FxyVlYQ5LP5gJMVRUIU5d48kpZpucC4ScrJoren82kKWsO4QykagPdSQzcQrGX4UZKOXee3nwwIoH7X8IhrCjmZU3zPlgtnJaZjd%2Fid2oqJVsLqAt1ffp07Bv3ad9VhUjYiDTvjiXCEuL25xk3048NxUtPFb%2FdyRlKCgd%2B0vdBWd9GhBCnqs3HmEmg6%2B3sZh6xiTJLPpZty4xNhTSwCYNUChig06YpMIi1OY6NB5Nic99cqhZTmD2V8U88IoUgCAdr%2Btc6EyzyNy4HVkIwP%2FOQatnySginuEy7FslPAlyvYkKyaBT7V459%2F0vrZwFVImbnQyBF3NLCJimIH2OUnUTmu6MNM33CHNUMAzJ26h3ml8q3aW79mK0taFypUGcAIvzgig%2BG%2BB7rSrAys1cbTlULYJbqYcjSrNOnw0muP%2Bmj0HBg3MWilGOZKY7KbvOYbJFzNflz2B5UZZxocGsncCQoOoTxYIZvqQ1uAyS2g%2FmrRLBF7DfiFKRIWobpo3LdOgtcoZBMVidRIxEK2Xzv74J4BS5trDoZQ5ECW4J2TPCysJz8LlWcycfeNq8eW4XNkbx75cjO5OM7fvUZjUmSGgUArji6aN2fjhQ3fwhP8Na7Q6pTmYwpBAShvC%2FDNaI9liCGx%2BaAanqdvjxGboIE9GppONH7YjSTgdfcWih6lxcA9wNPGT07rv4mA06Y6dM3bfsmKKbbE2IHzz2CPB4aquCwEl4rtfdwLb3J8gm4CKlck%3D
Title: Donald Trump IQ Finally Revealed... Obama's IQ is Jaw Dropping

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=mnEIX%2FqtLcVOfFonutHU1DYt6cOUbPFttFwQT7dzGKHXTgWdbm9P8U56Qo7orWVJiVMW1v06O8vInZlbZsr8ixkADFS%2BBpS%2BQ6ORRstmSlmYn%2BB9rnXh7F%2BGGe0J3pd1eqsoAx5W06bFK8C9S0F4xHDcwmekovCmBevRELaaN0ODHefek59QrwbcvgcBd2Rh4%2FBIb03wTnuZ13%2FhpZEpBt8uSUB2LJf%2Bm%2F22cQqsUa936LPP6sKa8LtjSEvb1d980gV5cEFNXdVLdNQnCWFf077hYHbmOlgzarZm9LxSjCix1UYNP2ENpPZnBDaEnw%2Bc%2BQq%2F8nmx%2BU0dVgoPl4QMG2ZN4yn43X9Eh%2FZj%2FMO%2FGE6ejqVxwwWYY9koyqaF6OwSLFhi9PV6DpAN2K48HYFDbpucxXmmPVmmnkLu8QZiuoZdYM5v7rPmzLZ6T8WlOOELmalnWcHPmDrEXOaLN4k9FmJbsgrLP2PqS69r4LmDJmyUgXYk44kLlJkzxQ7t9EScISASkZbEdEWD%2BWDT2TVrRHJpA6p566BpluQwlEvb058T06bHbJTZi0QuZSxGSauQSRgaWJO5DY8IjKts57qdnPuxq%2BxEewDYjKYygLUZAOAJJnGNDZQER%2FNnMO%2BTvotYqDSeDwhZpKw32YSAg9vPIbqmR4VVRvsY%2FvlWN46N8zsddkdixYYVIiq4odVHauWvoUHQmPyVY2bVJ1sZ2AyNHsZd8qJoAtLivmfGz1GO2AogEi5SRRCLcH%2BTl2O7MTgWg6rbCJvKtfFUymaePCC3cUz52KIulardlkJ6wLvOOmevebhqJ4kPf8yGzgNAXIa1J%2Bo8Im%2Fj%2BmYDNtxg5vFuAg90RQszTVT8pu04Op%2Ffvgs9xkBXgOzC3Ia9PMAxtFLy0iH3zb8A9uC4vPn57RbsZECPTY7h8SGkhhk8z7z2I4Dm5DDIM%2FTownJC%2B9uY6FcIKlQqY1W9X0fOmfUo3XGF7%2FeSiaKCgQ%2FZd5Ot2rMbYExjjGxKIziX3h%2FbbWYzOGQw9QSvGb0ZBhlugHBuuCVA8IemQIQyHz%2FpnAlE1dM%2BL5IH383YLqnExeM312LHowoI&s2s=1
Title: Mom Stuns Doctors by Removing Her Wrinkles with This Tip

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=64.62.227.27&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://prolesanpure/Ta_detta_f%C3%B6re_du_sover_f%C3%B6r_att_g%C3%A5_ner_30kg_p%C3%A5_1_m%C3%A5nad

Search URL Search Domain Scan URL

URL: https://dream-singles.com/Sexy_Russian_Women_In_

Search URL Search Domain Scan URL

URL: https://dream-singles.com/Beautiful_Russian_Women_Looking_For_Men_Over_30._Actual_Profile

Search URL Search Domain Scan URL

URL: https://do_you_want_to_meet_the_prettiest_asian_girl_right_now/

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/humineral-humic-and-fulvic-acid-plus-trace-elements-raw-liquid
Title: THIS Humic Fulvic Has Provided Major Health Benefits To Thousands. (See VIDEO)

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/mmitosynergy-copper-1-advanced-formula-120-capsules
Title: Has This Egyptian Copper Secret Caused Problems For the Illuminati Depopulation Plans? (See Blood Video)

Search URL Search Domain Scan URL

URL: https://www.5starshine.com/
Title: Try THIS on Your Car and You'll Never Need to Wax it Again! (See Video)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Try This Discreet Weapon - They Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=Z89V3dyLW2WiZH5PUcDUTzK8vt7rYlZfw8eWCkQobEyKYhC1qs0AARBjKTgtMcDLAseX1CmfXE6hU55yvUu2sqb30yStSORGaDdlwiE%2BSiIVtqvTeB2DB%2BCwccRF%2Bk7cbTs5Ia9yXKpSl5feBl7hKuQhJCagPqcI%2B93jzSfZ663FnCah57eVpa7NZfvEeqw98yETyp0QJ6WQMkO4d1F0WwEikWzlBelqF3BBjGhUggFdhw4y%2BK%2FeOphqRBPjf5ZTxlHUw%2FQIG9E5N7V3Pe8DtiXIyWHSxO7y%2BB9HPf9HlYOoBNqiSW%2F9geituLBrFZI1D%2B7SRbjhhYgp53tG5bbVpTwpIq3wTj9CTYTYhAuB0eLM8bnH9zq8%2FvM2gApuqil75XyVBYepX%2FjvYjRe%2BBdZ5LjKAYUdeNVEzgqEUoamtbWW7OElhKe8qhHpa39gmf62ZMPVUJvDyMD1XuC3xViH5dZhDMqTN0DAm6iGtkIv6MLT6W0q7EDTdcxBcNhxwSogljqq%2BtzCAgJC5MiUwnmKH6h99%2FjX66q2HBFa45vnOb0vw9at8Gj6LCmxiH2R5tYhEge%2FXrZRzoJG44hpPpXIfXcwUvy4AZoj9Nq34oDY3W04kea4Iq0Jdmotko5%2FPanO1qJNeFP7nfsV4lf2VmLlAtVg2lhgOpWPpn%2FwkA7ANdKN1ZKAkMls4a9ddblHWOAfAwwajvQCxuejxEze2UXdyZk0A4YM9yMP29BwwUa81pEVuje265lmC7%2Bx0vjyDPGxC%2F6Z%2F8I4QMP0%2BvBEVXTAs4QjHhDdA7jzXTlqd6OGFGtZystvauqsh6EiL5fEAbhpeDuazsq6%2FyUtqctoabPCEvH8P4Aief6Me7D9L%2BTPX9hfuysoRPfGVnKGhp3tZiHOiOCu2yuUWhyI%2BAJDNqi4v1jt10FspH8hyzvxwgkvWNr5ZbG0QhnuY4Y1BL9vUUkBPzcy0kMuH3JMYBHQZaO7Iy6OlDIp3f3BCUz8zIsEjhquUgd783Olaf6dGN3IBa4tNb0%2BG8u6N14WJyZxPK5Zl4taF%2FQoyP%2FM67wULhBT047ZQOavzGmvgTI8ftd844RnHhDGD2qLW2NOFQIPBTPjpCsLcKVoC68wPRgOyVDwZiL0M0Q0dDE3D7nh5tzl2Fz1QS1NZEpFC3YVwHs0mUuhAqqxjoP4z5JzRQtSK0ViY2rNPNao4ml9gVOw81PqX78Vzlkmq%2Bip5aVgrxMA%2BY9pOng3c0drY5%2BhdyX%2ByKkF7LTVJJALsK4MoWIy6lzA1lajuikQqxD31HAWiEEaJjdLQvh9SJmsV2yLb4%2FqbaR4TxsKk6nZdmlR8C1%2B7j3JRKsEuuOeTJnWPmhAJfmhxGlChj6bHwGau10qLCfNzr2sI4tm9TK5IV1%2Bz%2FpCfjX%2B%2BHQi%2BQ1Njlz2wPa97eE%2BoE7OQYfYoSBs5%2BAlSCyhdTygszZtHpiwWhdOVq0k5qRJ1DzAPzhUqErwYHKBrloFbTdNFSBBeyenLRrzqhJOTdHZ240GORNEOEPnU%2BWrmHGjscn%2BLAQ%2BSrSDgE%2Fmfu0XvE5Ag7%2F%2BAEDd5RbuZQqBYp71ke3ppTUd144G2hVgRPcVGXPnvlAlarXVEOyj1zTzkJGSrA%3D%3D&s2s=1
Title: SENASTE NYHETER: Stockholm! Bitcoin Up

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=crjkfdBxZLmi7cvVinlsJKAP4lyLsvTUs30EyZ4Q4vMgsNjrTkTp5s1U7DbBcC%2F217yrIiSnd55eMy66oxjLma82dTFpMPujkcAf2T3c%2BW8q4ILUD%2B1vA719gvpye2ha28mBPVutJ3GvMd04a6zTuayButpUJUJtQj9mFtDOe%2BpNvQtWf7hwLh9bHN8F4GInUwYsjHlQz7xCoqw5nIMkA8OZ04Q3FLUGpfVQ59sdws%2BdwGPNhWBa1H%2FwQTCNGXuk8%2FmxgBceQROFL3facKVIC8LK1DT8c6hjuUuUkTf%2FDSK%2FMqFfYIpSOUuhZwlgPw6JdvrHjOJhoeSBhNb62jNiyGacKFhEbcKhEr3HDdY6JBcLLZqRV3uSvNjWkOP607i7jsccN9M6GHwfJnUsEGheh30oJfLMI1bff0nmLeRsMEzGzA5kyXaTVKKdSzyUkiC5ILMilrVmyFrAk0CBIoyxBEzzVjQZ4XBSKTKsC25UdSlAYBsxaAguG8IMQkf%2FpTvEJp%2FS4FvGfNLLB6JgnUVM70WNjSj%2FxHUJIw2LNg0PBfBjEbbAOqtv6%2Fsuxsbdg25W81JAsl5r4PIAs1A5KHPsCry0DUxWfytQFBK6AY8Hzt0nDO5dbiYDHSY39Skh6rXZWXSfR47nvyWjhSLtEyIJ5SGJ0OdnE%2FYXeS2pTgmgT%2B0bm2waA9v%2BF0pyqzTYdYaiH7Dt3r5L36UzM7BNNiwn4%2FuEGoxxOPOGdBuoUomT5ZH8H39WHPWmkkM6ylJ0w6sxapj2qkMkKjMJTt4ggKFLkXZxuHwUW4cUjM4sX1kp6i3Av09j75e7pwqjzIwzGHk1gvNGwljQrrOhN96g36bu0nzcvi%2FggtJtWcSmvv6erJm0z95kzZ9COlED0V9M4WcyE0H9gqYUscTH3lble5ZyAPVEv6rQbwL%2BOgXMOtYxiLwg%2FzwrO11fus8%2FT%2BwoNay5pAx%2FmayCGvq2wD%2FGAbzTH8t5MPWBi4lH13n1mTb2cxViZFeoSeT079XUadlX1BsOR1jpW1h%2Bmjp3pRShCmLetiKgMmQ4IHIlBxdipFC%2BOlg%3D&s2s=1
Title: Do This Immediately if You Have Diabetes (Watch) Newhealthylife

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=MDMeyYJY5%2Ff%2Bvd782W3SUpQvejfcELInmwdBfkiRd0qO9Ec1e17zSJxLfeWiGeuWXHowkCd%2F6I2AHZump8ElvRkux%2BLyBZEghIKcjbnVG0VUg0StRKeKIUIb6PkzqboyB%2BuVKBErlVeuJcSOGkwyi7dov1nOFjSNtC3KI8hrC1ZnNif%2FF8K1uyzRsMoVXNhI5z6i7AGF0FgVsJ3CsblwQk66mBVatSlawvQwKenN9bzAvMsCzadlAsOn2SWellh6c5W1mDKJAovtzvxxJJ1%2F1EcpLwJvrU%2BALgKZRSLnz14QvAqORocI%2F3ym8lnp1DZK5V7YWmAJQAA89qKzo1FlYbTrs3xD9r9UIAmFVNA8GcFmcbOAFTFcJ0tu5D%2BG3wLukRD02Q%2Bal36wJRpLyXFsgaCEk1rn0RCPepE0ZtliktD%2BL3XvbthOywBYSojDayf0NRAFFbQTPc755b8pEdybMdMFQGbb8JEb8RuAoYtcmnbfQH47tXOqrrVFksRpOnQRUEIrBFD3yi9OHx2pg7prRf%2BdkAnWZd1y528fE2FhUTH%2BQgoqGc9FLx2UNDxIa9mdZqH5GFqW8FUNXHtB0mbnBNW2Aya%2BaBD3LTIBMWytQ1S22k0%2BNQKf%2FR4hQWAWxNIAh1sCkmvDGe7wc%2BzVsLuwmt2HF10T%2FBm44K9STCqkZS0g7rJwB50Qus7ENNGJj0VkJglSrh0qlrv6IuFPoclKHWhViarmnZkXGX9HBJTsYyGrUPUIAasBLVyqo8gN6480QZO5YmvtT9YSIMwX6drJTXW%2FHpop1vin2hTYJ4bjFtbHRsvAG6dZ70aCaFrQTkvZQ4j9sbghxUPYTkjpGnBZAJmH4zZWflDLzsbuD6%2FUlc%2Fm7TYPta0ORzhpqamtUgbMh1Uzwr%2Bzq%2B2jB%2FX1omLteIFiaPxGLf3fCEvylovXXcv1qEVPn9Olse1dq5qUpZwVL1vEmv3%2FAfMrSGZb9QBIKmZ0tJkb4KQ%2BIXC4sZA2%2BDJzhyS47cBNyE739acHd2rWIsQHNT0cRwAY3e1zb03BByMpdzt76VWnFrY25r0VzXuKtl%2FH0AD1v33k0toU5DQU&s2s=1
Title: CBD Being Offered to Citizens During This Stressful Time CBD Full Spectrum

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=Izuzy4rw21JOhHyWcHRWylhHElUlmk8Z82UfVA%2Bf%2Fbko5jIl7rd8HCsBLgepjvDzcw0j04JX0NOhE7Yj70qWoOLMFxCZFaJ7sVTqfZYhJlGxFbxXUXdb8fidpLiUyWL5k5GD4hp1loQmUDgM5%2BbDdckm%2FLYEhxCqHSKt33Nyvqo8VBPwI%2F%2B5ztDNlQO7uZNyJlTE0xXb59iMZR8kBhcgqmAeGEX503lTABjat%2BOEp%2BQHNPJ25kqGwdxcgK0SZH8CDnfyrMNWFmxlEU%2B002%2FZ7ryuRkrxNc6ygOITlRBdb9MVl3RddkexU5jjwfVdGs%2FHzZoSTI4vpyKp3GMZr2ogYP5mFiHPY8SRrqAMSbrT%2BCopDjyzOe%2F0IA8ozyLrB%2BxZCGRLmp8KgK74HDx25hFzW08V206l2mEcs3gfrpAEVOSaz2fPyLp38WmC4lrB0vdoim3IkPqiiCQRrVlaekLND9jKF12yDXtN%2B%2BsxUWYN16OFGH9vrqvYNnqQZL%2Bjs7MmkQMBcmi7YJ6TQaKuFEr%2BA7qSRGL8D%2Frx03scYYCPqwElTXoWcdxQRVdmARnjSUdgfRnJ%2BC7nRUm777xnaE410bPimKZWUI2ORa7%2BSs2h2sBhUgTKcHQlLE3ohEP%2F4HITad%2BMf%2FkQnlmA2TJ6BFNZO4pDaJffUNdsGQGDVTaQeOxWpWiblmvtw3RrkWBrrmHyU%2BovUk98CjAjhsFE6CWLVq%2BoXBnlOaYlFCqNQpsW%2BOtXlqOsThDhEILLY6mFAdx%2BbsN27IP11Ma9DomZX%2FR6aNKSnLLKfXdpJ1L%2BVcKoy0Mrj5VXFkyXG8Q881RPebUJwiepWCo98%2F0ei4bcl17Tv%2FlBR3twC10kPjvSx3SHr7XQhryahByh%2BK2FODdmXM2onW4TMIYOrUGp5mHviMJopi%2Fk%2FjUZNU%2FAOmA%2BG3KRoa%2BHaMeW5qdQckU1yV%2BO12ras6y6t0LWrS4XRT0H5xHbtqIOWRsgg7qqqxrhkS0pcZfj%2FcQOc%2BEzckOmiIrZRd6QxiRaB8mm9Ix5%2B%2FYirlm%2BAM4prYzG%2F471FvgT0iLthLI%3D&s2s=1
Title: Fighting Diabetes? This Discovery Leaves Doctors Speechless! Newhealthylife

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=64.62.227.27&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://news.rice.edu/files/2020/05/0504_SPLIT-1-RN.jpg HTTP 302
https://cpb-us-e1.wpmucdn.com/news-network.rice.edu/dist/c/2/files/2020/05/0504_SPLIT-1-RN.jpg

Request Chain 69

http://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468 HTTP 301
https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468

Request Chain 71

http://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468 HTTP 301
https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468

Request Chain 76

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369285&t=pageview&_s=1&dl=http%3A%2F%2F64.62.227.27%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=93664943&gjid=1813369038&cid=276894917.1588752721&tid=UA-16055024-1&_gid=1558002952.1588752721&_r=1&gtm=2ou4m0&z=781533550 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_gid=1558002952.1588752721&gjid=1813369038&_v=j81&z=781533550 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_v=j81&z=781533550 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_v=j81&z=781533550&slf_rd=1&random=2397751173

Request Chain 91

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=ca0663c4-1f7c-517f-aa3f-4de9f48d3cb8

Request Chain 92

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c6f5eca8-14a0-48a5-8c09-d678c10ec746

Request Chain 94

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=bd370a58-cd12-466e-8b48-c510a5ab3ec5

Request Chain 95

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=59cb9b40-3906-4899-b038-6226f8adbd63 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=59cb9b40-3906-4899-b038-6226f8adbd63 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=59cb9b40-3906-4899-b038-6226f8adbd63

Request Chain 96

https://x.bidswitch.net/sync?dsp_id=303&user_id=k461AQ0PyTc1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k461AQ0PyTc1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59cb9b40-3906-4899-b038-6226f8adbd63

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQ2MUFRMFB5VGMx&muidn=k461AQ0PyTc1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQ2MUFRMFB5VGMx&muidn=k461AQ0PyTc1&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k461AQ0PyTc1&google_ula={guid},5&google_gid=CAESEPdRSofUGbJ3S8V0mq8cu2g&google_cver=1

Request Chain 98

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=f98bfff0-8f6e-4d15-824f-3e3fd01d22b9&ttl=1591344722

Request Chain 101

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1588752721676&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721676&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9=&cs_ak_ss=1

Request Chain 102

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1588752721677&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721677&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9=&cs_ak_ss=1

Request Chain 121

https://b1sync.zemanta.com/usersync/revcontent/?puid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1588752730 HTTP 302
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&rev_dt=1588752730&s=2 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA

Request Chain 122

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%253D&geo=35&rev_dt=1588752730 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%25253D%26geo%3D35%26rev_dt%3D1588752730 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&geo=35&rev_dt=1588752730

Request Chain 123

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1588752730 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1588752730 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=2ea37211-d9ac-466f-9e58-54938d9a7986 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=2ea37211-d9ac-466f-9e58-54938d9a7986 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=18f1ba0f-0a26-438e-afe3-aed88aba5d43&ssp=revcontent HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=2ea37211-d9ac-466f-9e58-54938d9a7986

Request Chain 125

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&rev_dt=1588752730 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&rev_dt=1588752730 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU=&bidder=154&bidder_uid=131339a6-1d6b-47fb-a592-181839b8aa42

Request Chain 138

http://beforeitsnews.com/contributor/upload/428376/images/A_Dental1.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/428376/images/A_Dental1.jpg

Request Chain 142

http://beforeitsnews.com/contributor/upload/524716/images/Security_01.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/524716/images/Security_01.jpg

Request Chain 144

http://beforeitsnews.com/contributor/upload/567050/images/A_Exchange.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/567050/images/A_Exchange.jpg

Request Chain 145

http://beforeitsnews.com/contributor/upload/477502/images/Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png HTTP 301
https://beforeitsnews.com/contributor/upload/477502/images/Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png

Request Chain 146

http://beforeitsnews.com/contributor/upload/567050/images/A_Gay.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/567050/images/A_Gay.jpg

Request Chain 151

http://beforeitsnews.com/contributor/upload/567050/images/Money_Economy.jpg HTTP 301
https://beforeitsnews.com/contributor/upload/567050/images/Money_Economy.jpg

Request Chain 156

https://b1sync.zemanta.com/usersync/revcontent/?puid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DMzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1588752730 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA

Request Chain 157

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DMzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%253D&geo=35&rev_dt=1588752730 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&geo=35&rev_dt=1588752730

Request Chain 159

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&rev_dt=1588752730 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI=&bidder=154&bidder_uid=18f1ba0f-0a26-438e-afe3-aed88aba5d43

178 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
64.62.227.27/ 80 KB
20 KB 404ms
376ms Document
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b4c162a0938dc32c37ee2dddadcec1c2aa396a1368328c06fcfebc65dd795a6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: 64.62.227.27
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Server: nginx/1.12.2
Date: Wed, 06 May 2020 08:11:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 23ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33e89acec5c07a37996a6fda0ab9c029199b2ae3f8913fda8fbee66d0cc58ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 May 2020 08:11:59 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 06 May 2020 08:11:59 GMT

GET
H/1.1 200
OK global-bin-rev-494.css
64.62.227.27/static/css-v3/ 15 KB
4 KB 383ms
355ms Stylesheet
text/css 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/css-v3/global-bin-rev-494.css
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 84ba294d86a6a8c4ec2962bb2e461958d5bc4e101e798b145604dca530b30041

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:44:12 GMT
Server: nginx/1.12.2
ETag: W/"5eb197dc-3b12"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H/1.1 200
OK fancybox-bin-rev-494.css
64.62.227.27/static/css-v3/ 8 KB
2 KB 407ms
379ms Stylesheet
text/css 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/css-v3/fancybox-bin-rev-494.css
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0b21fd04aad89a54b03408155906f1cd1b363cb16cf0753504b18e996d8a6662

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:44:12 GMT
Server: nginx/1.12.2
ETag: W/"5eb197dc-1f5d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H/1.1 200
OK home-bin-rev-494.css
64.62.227.27/static/css-v3/ 28 KB
8 KB 382ms
354ms Stylesheet
text/css 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/css-v3/home-bin-rev-494.css
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f35f2e9629cb78bbd4f678617d0c66a026de966a932596d22ad4306c9b449292

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:44:12 GMT
Server: nginx/1.12.2
ETag: W/"5eb197dc-6f5a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H/1.1 200
OK responsive-bin-rev-494.css
64.62.227.27/static/css-v3/ 20 KB
4 KB 382ms
353ms Stylesheet
text/css 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/css-v3/responsive-bin-rev-494.css
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 282ab5b6f36b8ea72f1cd6847968dc52be62ae5d7c97119a335a6d2673c258c5

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:44:12 GMT
Server: nginx/1.12.2
ETag: W/"5eb197dc-4eaa"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H/1.1 200
OK jquery-fancybox-mobiledetect-uuid.js Show response
64.62.227.27/static/js-v3/ 146 KB
62 KB 380ms
352ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: db135e93bd989f186cc30e9846c9b9c02e19d1bfd319ed0f1703282ac40d500f

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 07:42:38 GMT
Server: nginx/1.12.2
ETag: W/"5d5269ee-248c5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H/1.1 200
OK global-bin-rev-494.js Show response
64.62.227.27/static/js-v3/ 18 KB
6 KB 545ms
202ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7a9fc0e7074958554676da7f36336a6acdba185d21322a6ff5ef2099a00c46f8

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:43:31 GMT
Server: nginx/1.12.2
ETag: W/"5eb197b3-476a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H/1.1 200
OK top-logo.png
64.62.227.27/img/v3/ 2 KB
3 KB 202ms
202ms Image
image/png 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/v3/top-logo.png
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Mon, 18 Jun 2018 21:28:42 GMT
Server: nginx/1.12.2
ETag: "5b28240a-8ab"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2219
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/52G6iYJNARI/ 20 KB
20 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/52G6iYJNARI/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6de4739870e18f216bd956bde27373051ffd3bbc0211adbca239b8acd5567346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:02 GMT
x-content-type-options: nosniff
server: sffe
age: 298
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20530
x-xss-protection: 0
expires: Wed, 06 May 2020 08:12:02 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Lq4dA-G1ig8/ 39 KB
39 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Lq4dA-G1ig8/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b446b84b6af05a88997d60472ccb256a81c1478718beeec74590b2f6f4edef1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:02 GMT
x-content-type-options: nosniff
server: sffe
age: 298
etag: "1588690742"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39578
x-xss-protection: 0
expires: Wed, 06 May 2020 08:12:02 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/MmYoY7Thkyo/ 32 KB
32 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/MmYoY7Thkyo/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa96426ec058e6e65b6640230a710f2dc252e3aa3740cee17ce61534bea56e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:59 GMT
x-content-type-options: nosniff
server: sffe
age: 241
etag: "1588722224"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32609
x-xss-protection: 0
expires: Wed, 06 May 2020 08:12:59 GMT

GET
H/1.1 200
OK antarctica-map.gif
64.62.227.27/contributor/upload/106013/images/ 141 KB
141 KB 202ms
202ms Image
image/gif 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/antarctica-map.gif
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9488850a83b36380b92f2052f4884826d9ce88694f91182316d1dafa52309372

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Mon, 04 May 2020 15:29:39 GMT
Server: nginx/1.12.2
ETag: "5eb034e3-23471"
Content-Type: image/gif
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144497
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/M_9bQ_Ri9p0/ 44 KB
45 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/M_9bQ_Ri9p0/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

301277f94bb1bf77779eac1e90b1f556604f894545aa025ba76fe88f94852077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 06:31:36 GMT
x-content-type-options: nosniff
server: sffe
age: 6024
etag: "1588480325"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45532
x-xss-protection: 0
expires: Wed, 06 May 2020 08:31:36 GMT

GET
H/1.1 200
OK proxy_duckduckgo_com(1015)(1).jpg
64.62.227.27/contributor/upload/106013/images/ 33 KB
33 KB 200ms
194ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/proxy_duckduckgo_com(1015)(1).jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: fb583ef3ef4386a21f055a4cf9eddb69b5856b84388836a82b2c17978cd2d4f7

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Mon, 04 May 2020 22:15:54 GMT
Server: nginx/1.12.2
ETag: "5eb0941a-8499"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33945
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H/1.1 200
OK tips-to-combat-the-coronavirus-middle-ad-banner-desktop-v2a.jpg
tapnewswire.com/wp-content/uploads/2020/05/ 32 KB
33 KB 529ms
151ms Image
image/jpeg 2401:c900:1101:143:9::e
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tapnewswire.com/wp-content/uploads/2020/05/tips-to-combat-the-coronavirus-middle-ad-banner-desktop-v2a.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 2401:c900:1101:143:9::e , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx /
Resource Hash: 32c926b529b73f2a10dc34c0d816bae9fb990dc560bf5254221ce8d4120d39d4

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Sun, 03 May 2020 10:57:07 GMT
Server: nginx
ETag: "5eaea383-817a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33146

GET
H2 404 hqdefault.jpg
img.youtube.com/vi/ICtsXNtf_GQ/ 1 KB
1 KB 28ms
21ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ICtsXNtf_GQ/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/jpeg
status: 404
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Wed, 06 May 2020 08:12:30 GMT

GET
H2 200 RFK-Good-shot-640x417-e1588537496251.jpeg
www.naturalblaze.com/wp-content/uploads/2017/09/ 32 KB
32 KB 92ms
58ms Image
image/jpeg 2606:4700:3033::681b:8fb8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalblaze.com/wp-content/uploads/2017/09/RFK-Good-shot-640x417-e1588537496251.jpeg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:8fb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef84f3b48b18d96f286a88d8443febfc2164eb8687487c2ca584bd2f7b3e936

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
cf-cache-status: HIT
last-modified: Sun, 03 May 2020 20:24:56 GMT
server: cloudflare
age: 214994
etag: "5eaf2898-7fc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 58f13bd61f4905f1-FRA
content-length: 32706
cf-request-id: 028aa3b9cf000005f1aa14f200000001

GET
H/1.1 200
OK Fulford3.jpg
64.62.227.27/contributor/upload/428376/images/ 14 KB
15 KB 204ms
198ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/428376/images/Fulford3.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9344d9cbd0ad7f246ddea3260a16d19f3e72194732393ac5b660957ddec80adc

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Mon, 12 Jun 2017 15:46:10 GMT
Server: nginx/1.12.2
ETag: "593eb742-399d"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14749
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/uVPvv_5UISU/ 71 KB
71 KB 25ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uVPvv_5UISU/maxresdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b66b12b821c9d03f5388c47792815258a6c17e79f08f549bc633d9d55503412d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:04:14 GMT
x-content-type-options: nosniff
server: sffe
age: 466
etag: "1588262927"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72800
x-xss-protection: 0
expires: Wed, 06 May 2020 10:04:14 GMT

GET
H/1.1 200
OK robert-david-steele-book-review(3).jpg
64.62.227.27/contributor/upload/106013/images/ 30 KB
30 KB 204ms
198ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/robert-david-steele-book-review(3).jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 220dace0bf9041dcf00e9205d5839b2528cbaf173d9f931cb13165c4b90094fa

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Tue, 05 May 2020 09:38:05 GMT
Server: nginx/1.12.2
ETag: "5eb133fd-7666"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30310
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2 200 JarBNp.png
iili.io/ 3 MB
3 MB 166ms
18ms Image
image/png 2606:4700:3037::6818:7392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iili.io/JarBNp.png

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6818:7392 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

974e9af8cfbec6ed2513aca84f4e96abd7714897541c7049472d18b7437cc2bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2496
status: 200
content-length: 2739968
x-xss-protection: 1; mode=block
last-modified: Tue, 05 May 2020 22:51:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5eb1ede5-29cf00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-request-id: 028aa3ba42000064a30c937200000001
accept-ranges: bytes
cf-ray: 58f13bd6dc5364a3-FRA

GET
H2 200 tenor.gif
media1.tenor.com/images/8e53583f1c3575147bf2c809f925e9c0/ 219 KB
219 KB 173ms
54ms Image
image/gif 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media1.tenor.com/images/8e53583f1c3575147bf2c809f925e9c0/tenor.gif?itemid=8941940
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99c7037ea90da3648731c18eca3a7f8947a136a3de1df6510bdd99543bf4062a

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
etag: "8e53583f1c3575147bf2c809f925e9c0"
age: 355657
x-cache: HIT, HIT
status: 200
content-length: 224122
x-amz-id-2: 0853+HXgwErmwEQTrEzXhycmiZRmig6yhTzlf/+GsPJTA5/d9U3GYjJ1bjxlAVgX52ewH0pZQMw=
x-served-by: cache-sea4448-SEA, cache-hhn4032-HHN
last-modified: Sat, 17 Jun 2017 02:33:55 GMT
server: AmazonS3
x-timer: S1588752720.450930,VS0,VE1
date: Wed, 06 May 2020 08:12:00 GMT
vary: Accept, Accept
x-amz-request-id: 1592CE8CCBD351DB
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 1, 1

GET
H2 200 Code-Crash-Computer-Error-Bug.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2020/05/ 174 KB
174 KB 291ms
260ms Image
image/jpeg 2606:4700::6810:8646
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2020/05/Code-Crash-Computer-Error-Bug.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8646 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 71cdfa3d34235b89e3f9bc10e83edbd93222243415d0bb53fe609c3bd47e132b

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
status: 200
content-length: 178235
cf-request-id: 028aa3b9cd000005b3e2332200000001
last-modified: Wed, 06 May 2020 04:44:29 GMT
server: cloudflare
etag: "5cbdfc66123d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 58f13bd61fd505b3-FRA
expires: Wed, 06 May 2020 08:13:00 GMT

GET
H/1.1 200
OK 0(26).jpg
64.62.227.27/contributor/upload/106013/images/ 10 KB
10 KB 204ms
203ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/0(26).jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0a7007fa6109186f46b3d927d8f7d0f9e1d4b941790f0b83ec428c461421be94

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Tue, 05 May 2020 21:01:43 GMT
Server: nginx/1.12.2
ETag: "5eb1d437-284e"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10318
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2 200 5G-tower-scaled.jpg
i0.wp.com/avoidthemark.com/wp-content/uploads/2020/04/ 191 KB
191 KB 121ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/avoidthemark.com/wp-content/uploads/2020/04/5G-tower-scaled.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

da718336c1ba642790767e90e95bdcb1326a7918f277077ea6c59d5b209c4ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT arn 2
date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
x-bytes-saved: 176141
last-modified: Sat, 02 May 2020 15:10:14 GMT
server: nginx
etag: "480a49cced92985b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <http://avoidthemark.com/wp-content/uploads/2020/04/5G-tower-scaled.jpg>; rel="canonical"
content-length: 195552
expires: Tue, 03 May 2022 03:10:14 GMT

GET
H2 200 screen-shot-2020-05-03-at-3.14.38-pm.png
justusaknight.files.wordpress.com/2020/05/ 1 MB
1 MB 124ms
56ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://justusaknight.files.wordpress.com/2020/05/screen-shot-2020-05-03-at-3.14.38-pm.png?w=2924
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: eff6c9f6c9c02727ed1b9fb784f1ce740a5a2b33f8760a477e73f226bf68672f

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT arn 23 np
date: Wed, 06 May 2020 08:12:00 GMT
last-modified: Sun, 03 May 2020 22:17:52 GMT
server: nginx
vary: Accept
content-type: image/png
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 1294171
expires: Sun, 07 Jun 2020 14:49:46 GMT

GET
H/1.1 200
OK the-matrix-red-or-blue-pill2.jpg
64.62.227.27/contributor/upload/352132/images/ 40 KB
41 KB 384ms
192ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/352132/images/the-matrix-red-or-blue-pill2.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ee21d95ded7d3979310536a68f2997280d65748dae9a4f6bcfa81fa0af48e563

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Wed, 29 Apr 2020 08:25:22 GMT
Server: nginx/1.12.2
ETag: "5ea939f2-a11a"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41242
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/xe9MNQnSY6I/ 5 KB
5 KB 26ms
20ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/xe9MNQnSY6I/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

038d3b11a1db4500dc7391ca9293d45f92b82ca66d1647d1cfc22f62f4e4ce99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:42:18 GMT
x-content-type-options: nosniff
server: sffe
age: 1782
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4672
x-xss-protection: 0
expires: Wed, 06 May 2020 09:42:18 GMT

GET
H/1.1 200
OK unnamedggggg.jpg
64.62.227.27/contributor/upload/106013/images/ 8 KB
9 KB 204ms
204ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/unnamedggggg.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 116fc56ce33fafc31e41008dd763064533a5844ddec4bd1632c82d73139318cc

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Sun, 03 May 2020 16:22:45 GMT
Server: nginx/1.12.2
ETag: "5eaeefd5-20d7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8407
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H2 200 bak20_petermann.gif
www.geosociety.org/images/GSA/media/2020/ 19 MB
19 MB 761ms
224ms Image
image/gif 13.64.241.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.geosociety.org/images/GSA/media/2020/bak20_petermann.gif

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.64.241.5 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a70d50b3dd71482fa7afddfcc2f4b6c2909b8f2293e2000da5a94832be195e4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
last-modified: Thu, 30 Apr 2020 15:31:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "fff8d6041fd61:0"
x-frame-options: sameorigin
content-type: image/gif
status: 200
cache-control: max-age=172800
date: Wed, 06 May 2020 08:12:01 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 19628382

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/wdLBq_QrQGE/ 37 KB
37 KB 23ms
18ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/wdLBq_QrQGE/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26afb802925e9b67a43398f4f61642b283f7cfde5346e37839e46b6e3a6a33d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:02 GMT
x-content-type-options: nosniff
server: sffe
age: 298
etag: "1588634329"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37627
x-xss-protection: 0
expires: Wed, 06 May 2020 08:12:02 GMT

GET
H2

200

0504_SPLIT-1-RN.jpg
cpb-us-e1.wpmucdn.com/news-network.rice.edu/dist/c/2/files/2020/05/
Redirect Chain

https://news.rice.edu/files/2020/05/0504_SPLIT-1-RN.jpg
https://cpb-us-e1.wpmucdn.com/news-network.rice.edu/dist/c/2/files/2020/05/0504_SPLIT-1-RN.jpg

30 KB
31 KB

119ms
58ms

Image
image/jpeg

151.139.243.2
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpb-us-e1.wpmucdn.com/news-network.rice.edu/dist/c/2/files/2020/05/0504_SPLIT-1-RN.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.2 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: dbbcebe8bacb7f0ffba04f8c2ca8bdeaff7edf837d9e7a3387be6e095792be89

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
x-amz-request-id: FAA15040D853CBC8
x-cache: HIT
status: 200
content-length: 30866
x-amz-id-2: x0gFf4EwbU1W7w1pYiwaYgfPRXtU9lhTi9a0WSJCcCKX0rrO4l5ltKcDDfFr8wgDN2Qthw0nmjw=
x-amz-meta-compressed: 47.90
last-modified: Mon, 04 May 2020 16:19:22 GMT
server: nginx
etag: "81f318c61bbb636c32ad7a02840d7895"
x-amz-version-id: jMTNd8OCZy8KK8y14a8mQ2UOCCgSVbs2
access-control-allow-origin: *
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 01 May 2021 08:12:00 GMT

Redirect headers

date: Wed, 06 May 2020 08:12:00 GMT
server: openresty
cache-control: public, max-age=31536000
etag: f353a570ce0ff121e8afface7ecb134d
status: 302
x-cache: BYPASS
content-type: image/jpeg
location: https://cpb-us-e1.wpmucdn.com/news-network.rice.edu/dist/c/2/files/2020/05/0504_SPLIT-1-RN.jpg
x-cache-bypass-reason: Arguments found

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/NXnnnSQCNTM/ 220 KB
221 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NXnnnSQCNTM/maxresdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b584886723f660917ad7b367cdf738ce70656781681bf603fe4577e5e672337d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225673
x-xss-protection: 0
expires: Wed, 06 May 2020 08:17:00 GMT

GET
H/1.1 200
OK outbreak-coronavirus-world-1024x506px.jpg
www.cdc.gov/media/dpk/diseases-and-conditions/coronavirus/images/ 438 KB
438 KB 31ms
6ms Image
image/jpeg 2a02:26f0:6c00:19a::2461
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cdc.gov/media/dpk/diseases-and-conditions/coronavirus/images/outbreak-coronavirus-world-1024x506px.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:19a::2461 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

7ca695352f5c1ad4e8744f0a3f81ac4d7adf782ecdd54f3bf26c89884c304a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Wed, 19 Feb 2020 16:55:29 GMT
ETag: "6f47276445e7d51:0"
Strict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
SRV: 2
Content-Length: 448385
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK unnamed55555.jpg
64.62.227.27/contributor/upload/106013/images/ 50 KB
51 KB 190ms
190ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/unnamed55555.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c0a0dacda4c8811a556152cf03f8d5181d45bc291a069e1ed05bd63e74f9ea95

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Sun, 03 May 2020 14:55:43 GMT
Server: nginx/1.12.2
ETag: "5eaedb6f-c9e9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51689
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/FFZarEN1BrQ/ 32 KB
32 KB 21ms
17ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FFZarEN1BrQ/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2b1ad3cb11f833aff9eafaf4a7acb7591c28ba06eb0933da01a650f2081a3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:08:08 GMT
x-content-type-options: nosniff
server: sffe
age: 232
etag: "1588633916"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32342
x-xss-protection: 0
expires: Wed, 06 May 2020 08:13:08 GMT

GET
H/1.1 200
OK loading.gif
64.62.227.27/img/v3/ 37 KB
38 KB 577ms
190ms Image
image/gif 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/v3/loading.gif
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Wed, 13 Jun 2018 18:37:21 GMT
Server: nginx/1.12.2
ETag: "5b216461-95e7"
Content-Type: image/gif
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38375
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/RjePVhDfaMk/ 12 KB
13 KB 7ms
6ms Image
image/webp 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RjePVhDfaMk/hqdefault.jpg?sqp=-oaymwEZCPYBEIoBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLAllWEZUD_q1NvGdfcP-AQA_h45dg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc992be2d573cd1ebfe75a7550675ccee88a5d15e02f5346113606764876d315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:02 GMT
x-content-type-options: nosniff
server: sffe
age: 298
etag: "1587675975"
content-type: image/webp
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12744
x-xss-protection: 0
expires: Wed, 06 May 2020 10:07:02 GMT

GET
H2 200 Chaos-Disaster-End-Of-World.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2020/05/ 119 KB
120 KB 26ms
26ms Image
image/jpeg 2606:4700::6810:8646
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2020/05/Chaos-Disaster-End-Of-World.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8646 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b0a69c4a6acc68166c16f37fec4e44bc49be649b8bc4afa5098c7295524079db

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
cf-cache-status: HIT
age: 48
x-powered-by: ASP.NET
status: 200
content-length: 122124
cf-request-id: 028aa3baa0000005b3e234c200000001
last-modified: Tue, 05 May 2020 05:36:31 GMT
server: cloudflare
etag: "ac5285219f22d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 58f13bd76c6205b3-FRA
expires: Wed, 06 May 2020 08:13:00 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/rnbf9wccdxE/ 29 KB
29 KB 19ms
15ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rnbf9wccdxE/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

521adc59704ee23346cec5bab1abeb63cf7421a4b46c9f8346f3dcea5c951ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:18:59 GMT
x-content-type-options: nosniff
server: sffe
age: 3181
etag: "1588388289"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29669
x-xss-protection: 0
expires: Wed, 06 May 2020 09:18:59 GMT

GET
H2 200 800px-Mobile_phone_overuse.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/4d/Mobile_phone_overuse.jpg/ 80 KB
81 KB 45ms
15ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/4d/Mobile_phone_overuse.jpg/800px-Mobile_phone_overuse.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.7 /

Resource Hash

182857ce8cf9eb8cadc87c5155532dded004a1bc97f6a7cddd14a4c274ae7607

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:19:14 GMT
age: 3165
x-cache-status: hit-front
x-cache: cp3057 hit, cp3061 hit/34
status: 200
server-timing: cache;desc="hit-front"
content-length: 82376
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Sat, 08 Jun 2019 14:17:02 GMT
server: ATS/8.0.7
etag: 8df6c09f79c8e8f829837dc1cb3c0698
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1560003421.16635
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H/1.1 200
OK 230912_web.jpg
media.eurekalert.org/multimedia_prod/pub/web/ 84 KB
85 KB 673ms
139ms Image
image/jpeg 198.151.217.193
AAAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eurekalert.org/multimedia_prod/pub/web/230912_web.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.151.217.193 Washington, United States, ASN22671 (AAAS, US),
Reverse DNS: ekamedia03.eurekalert.org
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8ccaf0a7fd807c863fda8e7bc73b3bf6fc08fdc82c76166057c48401e7bd3355

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Mon, 04 May 2020 16:38:33 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "14243f8-151fd-5a4d529666d3f"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 86525

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/wQSYdAX_9JY/ 30 KB
30 KB 14ms
10ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/wQSYdAX_9JY/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98e1d9f07fc70241ba7f11dbcbe5c186bca3a6d4fe45e67ab0a35be6fd920a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:22:26 GMT
x-content-type-options: nosniff
server: sffe
age: 2974
etag: "1588316204"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30563
x-xss-protection: 0
expires: Wed, 06 May 2020 09:22:26 GMT

GET
H/1.1 200
OK WHATS.png
64.62.227.27/contributor/upload/106013/images/ 7 KB
7 KB 201ms
201ms Image
image/png 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/WHATS.png
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 62feeb09b7f6d4ffe4cd6e061b1184b85ef639720ae8ab92d2b2568a07c8f792

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Fri, 01 May 2020 22:53:01 GMT
Server: nginx/1.12.2
ETag: "5eaca84d-1b89"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7049
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/hcYkv9wZ-fE/ 28 KB
28 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/hcYkv9wZ-fE/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52081b82a23acfc93e303ccbbb1ae906718325321f055518eaa48302d6331877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 06:55:29 GMT
x-content-type-options: nosniff
server: sffe
age: 4591
etag: "1587670816"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28269
x-xss-protection: 0
expires: Wed, 06 May 2020 08:55:29 GMT

GET
H/1.1 200
OK photo(11).jpg
64.62.227.27/contributor/upload/106013/images/ 47 KB
48 KB 191ms
191ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/photo(11).jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: bc5b2d7396c37c76bb0fea64050a46c93629c12c3b792d832b578ee8167c3fa7

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Mon, 04 May 2020 19:34:01 GMT
Server: nginx/1.12.2
ETag: "5eb06e29-bcc6"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48326
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H/1.1 200
OK 20200429_AKobayashi3.jpg
www.elsi.jp/-/media/Project/Elsi-Tenants/Elsi-Tenant/Elsi/research-highlights/2020/ 89 KB
90 KB 885ms
599ms Image
image/jpeg 131.112.112.128
TITECH Tokyo Inst...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.elsi.jp/-/media/Project/Elsi-Tenants/Elsi-Tenant/Elsi/research-highlights/2020/20200429_AKobayashi3.jpg?h=600&w=535&la=en&hash=4AE368102BF8B217E6A362ECEA1627B42E7F1AC8
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 131.112.112.128 Tokyo, Japan, ASN9367 (TITECH Tokyo Institute of Technology, JP),
Reverse DNS: www3.elsi.titech.ac.jp
Software: /
Resource Hash: 67021ed9c248b86b359f13844f0588d7b65cfb39c84afe2fdddb35437662ec50

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:16 GMT
Last-Modified: Tue, 28 Apr 2020 05:25:37 GMT
ETag: 1e88ead68a6b48b5bc157f0697791fd7
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Content-Disposition: inline; filename="20200429_AKobayashi3.jpg"
Accept-Ranges: bytes
Content-Length: 91330
Expires: Wed, 13 May 2020 08:12:16 GMT

GET
H/1.1 200
OK Trojan_Horse%20(1).png
64.62.227.27/contributor/upload/713008/images/ 46 KB
46 KB 205ms
204ms Image
image/png 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/713008/images/Trojan_Horse%20(1).png
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5844ddc6cc8f7570f76a5d02103c0547a11bd401e9a52e176de229847079a412

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Tue, 28 Apr 2020 23:26:18 GMT
Server: nginx/1.12.2
ETag: "5ea8bb9a-b853"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47187
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H/1.1 200
OK fauci.jpg
www.dodgingdeception.com/wp-content/uploads/2020/04/ 45 KB
45 KB 343ms
268ms Image
image/jpeg 132.148.46.86
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.dodgingdeception.com/wp-content/uploads/2020/04/fauci.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 132.148.46.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-46-86.ip.secureserver.net
Software: Apache /
Resource Hash: 5db54b61eedc1eb80e8c9e879774553707e1596e38b3ef22b37c7c4d0ee360d7

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Tue, 21 Apr 2020 03:54:27 GMT
Server: Apache
ETag: "1e2869-b38b-5a3c4f8d36f9a"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5
Content-Length: 45963

GET
H/1.1 200
OK 444444(1).jpg
64.62.227.27/contributor/upload/106013/images/ 7 KB
7 KB 201ms
201ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/contributor/upload/106013/images/444444(1).jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d01403e9037e6359cc01e94ac42a4a0c60a956c3d4d11b1afe8ee8ca7f0bf8eb

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Sun, 03 May 2020 22:48:11 GMT
Server: nginx/1.12.2
ETag: "5eaf4a2b-1a24"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6692
Expires: Thu, 06 May 2021 08:12:01 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qq2uuHfmq8k/ 38 KB
38 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qq2uuHfmq8k/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

044d653d3ceb3b946b4c68e520b86f374d292597f367112348802146a377ae17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:02 GMT
x-content-type-options: nosniff
server: sffe
age: 298
etag: "1588102025"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38676
x-xss-protection: 0
expires: Wed, 06 May 2020 10:07:02 GMT

GET
H2 200 what-if.jpg
4.bp.blogspot.com/-rHz8cEN4XFc/Wm-u9odj88I/AAAAAAAB9Aw/WSJ7jPnDevQToZV0QIsazGsrzEBOkfg_gCLcBGAs/s400/ 34 KB
34 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-rHz8cEN4XFc/Wm-u9odj88I/AAAAAAAB9Aw/WSJ7jPnDevQToZV0QIsazGsrzEBOkfg_gCLcBGAs/s400/what-if.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8bc169bd568ca54b63776bbb4211a0b70d1ae58011a9aae6f239f51d6e5bc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 05:21:33 GMT
x-content-type-options: nosniff
age: 10227
status: 200
content-disposition: inline;filename="what-if.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35070
x-xss-protection: 0
server: fife
etag: "v1f40d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 May 2020 16:58:05 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/D-chBV7A0n8/ 27 KB
27 KB 15ms
15ms Image
image/webp 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/D-chBV7A0n8/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDICpHsLVmBYSPGL9GFY65HqqG3ZA

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca1d7765d3dccff1309f864a23b076d33cc7a69c439fe56ae0244e19f7e1cf7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1588613324"
content-type: image/webp
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27386
x-xss-protection: 0
expires: Wed, 06 May 2020 08:17:00 GMT

GET
H/1.1 200
OK image.php
www.newswise.com/legacy/ 107 KB
107 KB 596ms
151ms Image
image/png 54.164.167.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newswise.com/legacy/image.php?image=/images/uploads/2020/04/27/STScI-H-2018a-f-3840x2160.png&width=502&height=334

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.164.167.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.newswise.com

Software

Apache/2.4.7 (Ubuntu) mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f / PHP/5.5.9-1ubuntu4.29

Resource Hash

eaa6ea16845bfbf0775fa2ca45b79628d26927d184698d95454085e1bcd0f089

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:47 GMT
X-Content-Type-Options: nosniff
X-Original-Content-Length: 131010
Server: Apache/2.4.7 (Ubuntu) mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Content-Type: image/png
Cache-Control: max-age=424
Connection: Keep-Alive
Keep-Alive: timeout=5, max=500
Content-Length: 109153
Etag: W/"PSA-aj-ZquLKNE0BF"
Expires: Wed, 06 May 2020 08:18:52 GMT

GET
H2 200 Researcher-Claims_-Deep-Underground-Military-Bases-Recently-Destroyed%E2%80%94And-Seems-to-Have-Evidence-to-Prove-it.jpg
i0.wp.com/amg-news.com/wp-content/uploads/2020/04/ 43 KB
43 KB 33ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/amg-news.com/wp-content/uploads/2020/04/Researcher-Claims_-Deep-Underground-Military-Bases-Recently-Destroyed%E2%80%94And-Seems-to-Have-Evidence-to-Prove-it.jpg?resize=696%2C391&ssl=1

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

64033276ca5e3af1767145de791323f03fa20f6ff0fdb64985d318e88a1bea58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT arn 3
date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
x-bytes-saved: 10545
last-modified: Tue, 28 Apr 2020 14:59:29 GMT
server: nginx
etag: "31ef422592e30845"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://amg-news.com/wp-content/uploads/2020/04/Researcher-Claims_-Deep-Underground-Military-Bases-Recently-Destroyed%E2%80%94And-Seems-to-Have-Evidence-to-Prove-it.jpg>; rel="canonical"
content-length: 43642
expires: Fri, 29 Apr 2022 02:59:29 GMT

GET
H2 200 screen-shot-2020-05-05-at-5.22.59-am.png
justusaknight.files.wordpress.com/2020/05/ 600 KB
600 KB 30ms
30ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://justusaknight.files.wordpress.com/2020/05/screen-shot-2020-05-05-at-5.22.59-am.png?w=1010&h=564
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c1b5bd459a8f06ae5e50340b6b47bb7c329f2b1c41b7add0e8b1ed98ae9b31d

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT arn 23 np
date: Wed, 06 May 2020 08:12:00 GMT
last-modified: Tue, 05 May 2020 12:49:15 GMT
server: nginx
vary: Accept
content-type: image/png
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 614084
expires: Sat, 13 Jun 2020 03:15:15 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/CvhTQV5FNUE/ 7 KB
7 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/CvhTQV5FNUE/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c666dbd1ad9bf4155691d89fd1869827720d165de37f7f1053b0a50bc8b2c555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:07:02 GMT
x-content-type-options: nosniff
server: sffe
age: 298
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7088
x-xss-protection: 0
expires: Wed, 06 May 2020 08:12:02 GMT

GET
H2 200 header-logo.jpg
1.bp.blogspot.com/-ddnaYX3yjnA/XrJbL7cFBSI/AAAAAAACUXA/Gu-_w4N0bU867IbIEkH6qQqi2zJKvjS2ACLcBGAsYHQ/s400/ 20 KB
20 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ddnaYX3yjnA/XrJbL7cFBSI/AAAAAAACUXA/Gu-_w4N0bU867IbIEkH6qQqi2zJKvjS2ACLcBGAsYHQ/s400/header-logo.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f592c742f686068be649efb9de145be6f95ea8367f7bdcd0ded1bcb0808f894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 06:49:31 GMT
x-content-type-options: nosniff
age: 4949
status: 200
content-disposition: inline;filename="header-logo.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20431
x-xss-protection: 0
server: fife
etag: "v25171"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 May 2020 06:49:31 GMT

GET
H2 200 HAMMER-TIME.gif
jamesredpillsamerica.com/images/ 456 KB
457 KB 73ms
19ms Image
image/gif 2606:4700:3034::681c:1cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jamesredpillsamerica.com/images/HAMMER-TIME.gif
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1cf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b28ba2f3789966726b94e73ae5bc0633f220a0036abe2ee2b015e2252e5d67

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
cf-cache-status: HIT
age: 219175
x-proxy-cache-info: DT:1
status: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 466784
cf-request-id: 028aa3bb5e0000177e3d15a200000001
last-modified: Sun, 03 May 2020 19:17:53 GMT
server: cloudflare
etag: "5eaf18e1-71f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 58f13bd89c83177e-FRA
expires: Mon, 03 May 2021 19:19:04 GMT

GET
H2 200 human-implantable-quantum-dot-microneedle-vaccination-delivery-system-equals-666-mark-of-the-beast-antichrist-now-end-begins-bill-gates.jpg
www.nowtheendbegins.com/wp-content/uploads/2020/05/ 277 KB
278 KB 183ms
60ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nowtheendbegins.com/wp-content/uploads/2020/05/human-implantable-quantum-dot-microneedle-vaccination-delivery-system-equals-666-mark-of-the-beast-antichrist-now-end-begins-bill-gates.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

8f0c06ee02c4fa0b8f2b7b0820b35821b1cca71b9c3f9a575672a239adf83dae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
content-length: 284012
x-xss-protection: 1; mode=block
last-modified: Sun, 03 May 2020 21:22:39 GMT
server: nginx
etag: "5eaf361f-4556c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19006
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: STATIC/PATH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Le_rfTdayLs/ 40 KB
40 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Le_rfTdayLs/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789bfe6a9e9f0c70bc416b8c4abeb9da64d27f81479f51a1338e8fa5eee7ef72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:55:38 GMT
x-content-type-options: nosniff
server: sffe
age: 982
etag: "1586958304"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41323
x-xss-protection: 0
expires: Wed, 06 May 2020 09:55:38 GMT

GET
H/1.1 200
OK ads.png
64.62.227.27/img/v3/ 95 B
436 B 439ms
203ms Image
image/png 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/v3/ads.png
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Thu, 30 May 2019 00:55:31 GMT
Server: nginx/1.12.2
ETag: "5cef2a03-5f"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H/1.1 200
OK the_origin_of_ccp_virus.jpg
64.62.227.27/img/banner2020/ 36 KB
36 KB 414ms
188ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/banner2020/the_origin_of_ccp_virus.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c9c8286937b76dfd180d642df44491945e7f0a795841b53686182320e122678e

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Sat, 11 Apr 2020 21:43:08 GMT
Server: nginx/1.12.2
ETag: "5e9239ec-8f36"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36662
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H/1.1 200
OK tabs-bin-rev-494.js Show response
64.62.227.27/static/js-v3/ 189 B
572 B 201ms
201ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/tabs-bin-rev-494.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 335fa63197718a5840adef5761fc5c67b9fb4274798aa53b60cfdc4d4b2043a7

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:43:34 GMT
Server: nginx/1.12.2
ETag: W/"5eb197b6-bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:11:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

147d4d36f639a2093c596ad073e718dcc89d5c9d78a12b13ca4fa713f1d078d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:00 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30216
x-xss-protection: 0
last-modified: Wed, 06 May 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 May 2020 08:12:00 GMT

GET
H/1.1 200
OK top-bg.png
64.62.227.27/img/v3/ 164 B
506 B 192ms
191ms Image
image/png 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/v3/top-bg.png
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3

Request headers

Referer: http://64.62.227.27/static/css-v3/global-bin-rev-494.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Mon, 18 Jun 2018 21:28:42 GMT
Server: nginx/1.12.2
ETag: "5b28240a-a4"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H/1.1 200
OK search.png
64.62.227.27/img/b4in/ 805 B
1 KB 319ms
192ms Image
image/png 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/b4in/search.png
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a

Request headers

Referer: http://64.62.227.27/static/css-v3/global-bin-rev-494.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Thu, 13 Apr 2017 09:52:51 GMT
Server: nginx/1.12.2
ETag: "58ef4a73-325"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 805
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H/1.1 200
OK TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v31/ 16 KB
16 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8528e1c68a0c2bde1022646073b2421704efa4cd0aac88772e38ea492b8c283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Origin: http://64.62.227.27

Response headers

Date: Fri, 01 May 2020 15:47:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 00:19:33 GMT
Server: sffe
Age: 404667
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 16468
X-XSS-Protection: 0
Expires: Sat, 01 May 2021 15:47:33 GMT

GET
H/1.1 200
OK RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v8/ 15 KB
15 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/scada/v8/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Origin: http://64.62.227.27

Response headers

Date: Tue, 14 Apr 2020 21:23:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Jul 2019 03:28:05 GMT
Server: sffe
Age: 1853339
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15124
X-XSS-Protection: 0
Expires: Wed, 14 Apr 2021 21:23:01 GMT

GET
H2

200

beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame 30AD
Redirect Chain

http://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468

133 KB
37 KB

137ms
74ms

Script
text/javascript

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ad3f01505f775bd66834222cb32533197fb1991215e2b97674669f6c6a85ba

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: DCEE7E5A1859EF3B
cf-polished: origSize=136281
status: 200
last-modified: Tue, 14 Apr 2020 10:32:10 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-id-2: 7XOP/ROfDPRfM+5xuaf4k+Mci3U1PFZ+ph/M7hq+hnif5ObYQC2xkK4/nVkaxPQRFyA62z3Ma8I=
cf-bgj: minify
server: cloudflare
etag: W/"47916287a0415d9f45a9eced327c836c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 028aa3bc6e0000f21042955200000001
cf-ray: 58f13bda4ffbf210-ARN
expires: Wed, 06 May 2020 09:12:01 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13bd99d37f14e-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3bbfe0000f14e1d8fe200000001
Expires: Wed, 06 May 2020 09:12:00 GMT

GET
H/1.1 200
OK culturebg.jpg
64.62.227.27/img/v3/ 15 KB
15 KB 505ms
190ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/v3/culturebg.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Request headers

Referer: http://64.62.227.27/static/css-v3/global-bin-rev-494.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:00 GMT
Last-Modified: Sat, 09 Feb 2019 15:29:21 GMT
Server: nginx/1.12.2
ETag: "5c5ef1d1-3be6"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15334
Expires: Thu, 06 May 2021 08:12:00 GMT

GET
H2

200

beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame 40E2
Redirect Chain

http://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468

134 KB
37 KB

57ms
56ms

Script
text/javascript

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35e1a7a1971d15eec9503ff6b16268da7137ece51a3cf4d9430b0cff5b83b88

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 2197
cf-polished: origSize=136922
status: 200
last-modified: Tue, 14 Apr 2020 10:35:13 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 643F696E7440AFF2
x-amz-id-2: IuKkCcwmGYfPDi98Ia1+r1L2o5vKJ5MSPuMU2hTEbMiYPPliv1odA5KGqhtstXZKUIQVJ/qRdpw=
cf-bgj: minify
server: cloudflare
etag: W/"19656a38703420602a45aa4d31c93b32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 028aa3bcaa0000f21042960200000001
cf-ray: 58f13bdaa908f210-ARN
expires: Wed, 06 May 2020 09:12:01 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13bda3f05f14e-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3bc670000f14e1d904200000001
Expires: Wed, 06 May 2020 09:12:01 GMT

GET
H/1.1 200
OK logo-bottom.jpg
64.62.227.27/img/v3/ 3 KB
3 KB 188ms
188ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/v3/logo-bottom.jpg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4

Request headers

Referer: http://64.62.227.27/static/css-v3/global-bin-rev-494.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Last-Modified: Wed, 06 Jun 2018 18:26:21 GMT
Server: nginx/1.12.2
ETag: "5b18274d-a0e"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2574
Expires: Thu, 06 May 2021 08:12:01 GMT

POST
H/1.1 200
OK count.php Show response
64.62.227.27/core/ajax/counter/ 15 B
292 B 578ms
214ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/counter/count.php

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d150b91d17b71f2f8a55c1812c3ce11587bc5c15675add2bc5561add14fb6d51

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK carousel.php Show response
64.62.227.27/core/ajax/contributor/god_word/ 2 KB
1 KB 609ms
198ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/god_word/carousel.php?_=1588752720577

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0ea06005c9f12c534d2d0e02f1dc94dde98e9d245002920695c27c8dd0fb23eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5605
date: Wed, 06 May 2020 06:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Wed, 06 May 2020 08:38:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=248369285&t=pageview&_s=1&dl=http%3A%2F%2F64.62.227.27%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Po...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_gid=1558002952.1588752721&gjid=1813369038&_v=j81&z=781533550
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_v=j81&z=781533550
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_v=j81&z=781533550&slf_rd=1&random=2397751173

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_v=j81&z=781533550&slf_rd=1&random=2397751173

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=276894917.1588752721&jid=93664943&_v=j81&z=781533550&slf_rd=1&random=2397751173
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK incr_views.php Show response
64.62.227.27/core/ajax/contributor/god_word/ 5 B
282 B 235ms
188ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/god_word/incr_views.php?id=219&_=1588752721207

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ea0d3117b48b4d44419070bc6a8d4122d1e12a96ca35c6f1079b08829968d163

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/gqqameMuwHs/ 20 KB
20 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/gqqameMuwHs/hqdefault.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952135b3fa9e66d3b52227d37c1bd20990ad839085d187944629a75d2b1870ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1543507054"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20022
x-xss-protection: 0
expires: Wed, 06 May 2020 10:12:01 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.27/
Origin: http://64.62.227.27

Response headers

date: Wed, 01 Apr 2020 15:38:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 2997198
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Thu, 01 Apr 2021 15:38:43 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 72ms
70ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=0&h=0&cols=4&pv=5&cbuster=1588752721251825103816&niet=4g&nisd=false&ref=&lu=http%3A%2F%2F64.62.227.27%2F&pageView=1&pvid=171e90aa564b4c883cc&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8004dbff247720babfbe6d327d2d372f788afde530bcd322e6dd9d180fe1c87c

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58f13bdbfce2f210-ARN
content-type: application/x-javascript; charset=utf-8
cf-request-id: 028aa3bd770000f21042975200000001

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 2 KB
1 KB 83ms
82ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=304&cols=1&pv=5&cbuster=1588752721282958025402&uniqId=1366a&niet=4g&nisd=false&ref=&lu=http%3A%2F%2F64.62.227.27%2F&pageView=0&pvid=171e90aa582949107fe&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aea9b73ac52061450716441782c73b2d37451e96d3d4dbaf43400570e0ae091

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58f13bdc2d59f210-ARN
content-type: application/x-javascript; charset=utf-8
cf-request-id: 028aa3bd940000f21042977200000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
502 B 158ms
157ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1588752721331757584804
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90df2fd1fd827ca2097ba4085ab5502f402dd7682d6c123f5bb3d3b0a07b26fe

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 58f13bdc6e29f210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3bdc40000f2104297b200000001

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame A01C 19 B
220 B 229ms
229ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1588752721335114120036
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58f13bdcaedbf210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 19
cf-request-id: 028aa3bde90000f21042981200000001

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 104ms
75ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 07 May 2020 08:12:01 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 97 KB
30 KB 52ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:28 GMT
server: nginx
etag: W/"5ea153c8-18582"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 07 May 2020 08:12:01 GMT

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 49ms
48ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 6896
status: 200
last-modified: Wed, 29 Apr 2020 06:59:41 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 43E8A76C70DE9CA3
x-amz-id-2: DS0ZaIbktyeNfd+5h2ft5SqOjIQKennfkXuAQqsm1Syg6FEVDVlE3Phf4Vzlyoyk9cAqamLsEiI=
cf-bgj: h2pri
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 028aa3bec00000f21042990200000001
cf-ray: 58f13bde0aeff210-ARN
expires: Wed, 06 May 2020 12:12:01 GMT

GET
H2 200 widget-ssp-performance
c.mgid.com/ Frame 30AD 43 B
265 B 147ms
145ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=73
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58f13bde1b3bf210-ARN
content-type: image/gif
cf-request-id: 028aa3bece0000f21042992200000001

GET
H2 200 widget-ssp-performance
c.mgid.com/ Frame 40E2 43 B
126 B 144ms
144ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=84
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58f13bde4bd3f210-ARN
content-type: image/gif
cf-request-id: 028aa3bef00000f21042999200000001

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
547 B 195ms
132ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k461AQ0PyTc1
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58f13bdec83af15a-ARN
content-type: image/gif
cf-request-id: 028aa3bf390000f15a9e9d3200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=ca0663c4-1f7c-517f-aa3f-4de9f48d3cb8

43 B
180 B

164ms
163ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=ca0663c4-1f7c-517f-aa3f-4de9f48d3cb8
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58f13bdfc84df210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 028aa3bfe10000f210429ba200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=ca0663c4-1f7c-517f-aa3f-4de9f48d3cb8

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c6f5eca8-14a0-48a5-8c09-d678c10ec746

43 B
212 B

155ms
155ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c6f5eca8-14a0-48a5-8c09-d678c10ec746
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58f13be35b65f210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 028aa3c21a0000f210429ef200000001

Redirect headers

date: Wed, 06 May 2020 08:12:02 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=c6f5eca8-14a0-48a5-8c09-d678c10ec746
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 143ms
47ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k461AQ0PyTc1
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:01 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=bd370a58-cd12-466e-8b48-c510a5ab3ec5

43 B
370 B

156ms
155ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=bd370a58-cd12-466e-8b48-c510a5ab3ec5
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58f13bdfc84ff210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 028aa3bfe10000f210429bb200000001

Redirect headers

status: 307
date: Wed, 06 May 2020 08:12:01 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=bd370a58-cd12-466e-8b48-c510a5ab3ec5

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=59cb9b40-3906-4899-b038-6226f8adbd63
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=59cb9b40-3906-4899-b038-6226f8adbd63
https://cm.mgid.com/m?cdsp=433145&c=59cb9b40-3906-4899-b038-6226f8adbd63

43 B
251 B

265ms
265ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=59cb9b40-3906-4899-b038-6226f8adbd63
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58f13be2689bf210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 028aa3c1810000f210429d9200000001

Redirect headers

status: 302
date: Wed, 06 May 2020 08:12:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=59cb9b40-3906-4899-b038-6226f8adbd63
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k461AQ0PyTc1
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k461AQ0PyTc1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59cb9b40-3906-4899-b038-6226f8adbd63

1 B
873 B

218ms
54ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59cb9b40-3906-4899-b038-6226f8adbd63
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Wed, 06 May 2020 08:12:02 GMT
X-lat: Pug22072:0:287
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

status: 302
date: Wed, 06 May 2020 08:12:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59cb9b40-3906-4899-b038-6226f8adbd63
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQ2MUFRMFB5VGMx&muidn=k461AQ0PyTc1
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQ2MUFRMFB5VGMx&muidn=k461AQ0PyTc1&google_tc=
https://cm.mgid.com/google?muidn=k461AQ0PyTc1&google_ula={guid},5&google_gid=CAESEPdRSofUGbJ3S8V0mq8cu2g&google_cver=1

0
71 B

280ms
280ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k461AQ0PyTc1&google_ula={guid},5&google_gid=CAESEPdRSofUGbJ3S8V0mq8cu2g&google_cver=1
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
status: 200
accept-ranges: bytes
cf-ray: 58f13be14d11f210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0
cf-request-id: 028aa3c0cb0000f210429cb200000001

Redirect headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k461AQ0PyTc1&google_ula={guid},5&google_gid=CAESEPdRSofUGbJ3S8V0mq8cu2g&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=f98bfff0-8f6e-4d15-824f-3e3fd01d22b9&ttl=1591344722

43 B
305 B

183ms
183ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=f98bfff0-8f6e-4d15-824f-3e3fd01d22b9&ttl=1591344722
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58f13be15d63f210-ARN
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 028aa3c0db0000f210429cc200000001

Redirect headers

pragma: no-cache
date: Wed, 06 May 2020 08:12:02 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=f98bfff0-8f6e-4d15-824f-3e3fd01d22b9&ttl=1591344722
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 191ms
62ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=17756361922
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Wed, 06 May 2020 08:12:01 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://64.62.227.27
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 192ms
62ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=77419177973
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Wed, 06 May 2020 08:12:01 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://64.62.227.27
timing-allow-origin: *
vary: Origin

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1588752721676&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62....
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721676&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62...

0
528 B

54ms
54ms

Image
text/plain

172.227.85.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721676&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9=&cs_ak_ss=1
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.85.103 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-85-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 08:12:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721676&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 06 May 2020 08:12:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1588752721677&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62....
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721677&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62...

0
528 B

63ms
62ms

Image
text/plain

172.227.85.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721677&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9=&cs_ak_ss=1
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.85.103 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-85-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 08:12:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588752721677&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.27%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 06 May 2020 08:12:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 12ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 01 May 2021 08:12:01 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 12ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:01 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 01 May 2021 08:12:01 GMT

GET
H/1.1 200
OK jsDynamic-bin-rev-494.js Show response
64.62.227.27/static/js-v3/ 7 KB
2 KB 205ms
204ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/jsDynamic-bin-rev-494.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5d6a08294f6c40f597af49902c66cbfeb2b2876a7d9499eb4c3385879c0da222

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:43:33 GMT
Server: nginx/1.12.2
ETag: W/"5eb197b5-1bff"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:12:10 GMT

GET
H/1.1 200
OK responsive-bin-rev-494.js Show response
64.62.227.27/static/js-v3/ 2 KB
1 KB 193ms
192ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/responsive-bin-rev-494.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:43:33 GMT
Server: nginx/1.12.2
ETag: W/"5eb197b5-6c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:12:10 GMT

GET
H/1.1 200
OK validate-bin-rev-494.js Show response
64.62.227.27/static/js-v3/ 6 KB
2 KB 191ms
191ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/validate-bin-rev-494.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:43:35 GMT
Server: nginx/1.12.2
ETag: W/"5eb197b7-1849"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:12:10 GMT

GET
H/1.1 200
OK loadmore-bin-rev-494.js Show response
64.62.227.27/static/js-v3/ 14 KB
3 KB 188ms
188ms Script
application/javascript 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.27/static/js-v3/loadmore-bin-rev-494.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5e71d120c20a36ead1b0de125080941558bf3f653c529c26764dd61a8baa5d24

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 16:43:33 GMT
Server: nginx/1.12.2
ETag: W/"5eb197b5-3928"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 13 May 2020 08:12:10 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
2 KB 214ms
71ms Script
text/html 52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_828&c=1588752730537&width=1600&referer=http%3A%2F%2F64.62.227.27%2F

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jsDynamic-bin-rev-494.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-203-124.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

77050fd5f34724d2562e83778d57a8892efb0b80a7a3e1e93cfdc330268d3a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:10 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://64.62.227.27
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK serve.js.php Show response
trends.revcontent.com/ 4 KB
2 KB 143ms
108ms Script
text/html 52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://trends.revcontent.com/serve.js.php?w=100246&t=rc_155&c=1588752730537&width=1600&referer=http%3A%2F%2F64.62.227.27%2F
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jsDynamic-bin-rev-494.js
Protocol: HTTP/1.1
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: e5d14b1eb7844c055393b0cf60e600183c991a5c6f611651d2c38ef7b2929534

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
Access-Control-Allow-Origin: http://64.62.227.27
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 70ms
30ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jsDynamic-bin-rev-494.js
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f1da59d9a16a42d1c9baa37a694a63849ce741e4f0beab61a208f19c2c37c6c4

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 May 2020 15:26:47 GMT
Server: NetDNA-cache/2.2
ETag: W/"5443-1588692407000"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: https://lockerdome.com

POST
H/1.1 200
OK carousel.php Show response
64.62.227.27/core/ajax/contributor/v3_banners/ 479 B
589 B 206ms
206ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/v3_banners/carousel.php

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

8dedf88eeab3a61fa64732016efd11eed14271358b8cad799d9ae2a9a9939b23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK carousel.php Show response
64.62.227.27/core/ajax/contributor/v3_banners/ 480 B
590 B 195ms
194ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/v3_banners/carousel.php

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c0f48819f075d178a669cc84064bbd35d747d86b23b9725a3402995e75b7726b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK showing.php Show response
64.62.227.27/core/ajax/contributor/v3_live_stream/ 709 B
594 B 202ms
202ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/v3_live_stream/showing.php?_=1588752730550

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

881ba5fb755a8068b63306941021195713d9d51b24763605ca6711d5eda42be3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 11ms
10ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3494
etag: W/"9d9aed5a8d74707da3c47d0230168852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 58f13c15fcdd05ed-FRA
cf-request-id: 028aa3e1b8000005eda511f200000001
expires: Wed, 06 May 2020 20:12:10 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
64.62.227.27/core/ajax/contributor/v3_rotating_text_links/ 23 KB
3 KB 188ms
188ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1588752730551

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3fbb5c29aa3c9b0a146f9cfa3f71dbf1e1aaef496d5ecf0a4a8ee1825e9e0b37

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK get-most-recent-stories-list.php Show response
64.62.227.27/v3/recent/ 13 KB
4 KB 202ms
202ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/v3/recent/get-most-recent-stories-list.php?_=1588752730551

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2828ce5f049d4980a2d2c7de9f8c88f7df09273d09967c17615b7efb3bd45358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame A201 0
0 672ms
170ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=http%3A%2F%2F64.62.227.27&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://64.62.227.27/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.27/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 06 May 2020 08:12:11 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame F305 0
0 678ms
173ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=http%3A%2F%2F64.62.227.27&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://64.62.227.27/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.27/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 06 May 2020 08:12:11 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 71 KB
20 KB 291ms
290ms XHR
text/javascript 52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_155&c=1588752730537&width=1600&site_url=http%3A%2F%2F64.62.227.27%2F&referer=&skip_demand=true

Requested by

Host: trends.revcontent.com
URL: http://trends.revcontent.com/serve.js.php?w=100246&t=rc_155&c=1588752730537&width=1600&referer=http%3A%2F%2F64.62.227.27%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-203-124.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

929ef0f82e8ac0fee3228422b8d9cc1e7abd416db5bcaea92020a3ad275683b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 May 2020 08:12:10 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://64.62.227.27
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZmMyMTE3Mjc0NzI1MGE0ZWU...
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%253D%26bidder%3D3%26bidder_uid%...
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA

35 B
213 B

80ms
80ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:11 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 06 May 2020 08:12:11 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%253D&geo=35&rev_d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DZmMyMTE3Mjc0NzI1MGE0ZWU1N...
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&geo=35&rev_dt=1588752730

35 B
214 B

82ms
82ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&geo=35&rev_dt=1588752730
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:10 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 06 May 2020 08:12:12 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 9e567a11-e440-448c-ab89-e0cf2907bd94
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&geo=35&rev_dt=1588752730
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1588752730
https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1588752730
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=2ea37211-d9ac-466f-9e58-54938d9a7986
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=2ea37211-d9ac-466f-9e58-54938d9a7986
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=18f1ba0f-0a26-438e-afe3-aed88aba5d43&ssp=revcontent
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=2ea37211-d9ac-466f-9e58-54938d9a7986

35 B
214 B

82ms
82ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=2ea37211-d9ac-466f-9e58-54938d9a7986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:11 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

status: 302
date: Wed, 06 May 2020 08:12:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=2ea37211-d9ac-466f-9e58-54938d9a7986
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 568ms
157ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%253D&pushdata=109&secure=1&rev_dt=1588752730
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Wed, 06 May 2020 08:12:11 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&rev_dt=1588752730
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU%3D&rev_dt=1588752730
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU=&bidder=154&bidder_uid=131339a6-1d6b-47fb-a592-181839b8aa42

35 B
214 B

87ms
87ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU=&bidder=154&bidder_uid=131339a6-1d6b-47fb-a592-181839b8aa42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:11 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=ZmMyMTE3Mjc0NzI1MGE0ZWU1N2MwMzJmZTJhZTRjYWU=&bidder=154&bidder_uid=131339a6-1d6b-47fb-a592-181839b8aa42
Date: Wed, 06 May 2020 08:12:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK increment_views.php Show response
64.62.227.27/core/ajax/contributor/v3_rotating_text_links/ 142 B
349 B 190ms
190ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/contributor/v3_rotating_text_links/increment_views.php?ids=4839%2C4878%2C4820%2C4820%2C4670%2C4889%2C4895%2C4916%2C4687%2C4840%2C4895%2C4687%2C4879%2C4687&_=1588752730742

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

04bd0f40f05e892881a2b6581085db5f1f2f3165f1e375aef152ca6d7d76d108

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK incr_banner_views.php Show response
64.62.227.27/core/ajax/counter/ 6 B
283 B 202ms
201ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/counter/incr_banner_views.php?id=2044&_=1588752730754

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

cc8d1ad2d7ff4f5872ffce16fc7c775e0f1117658e0529fe40f205ce686ba7cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 8ac1c88a9f898c7313297c88c550d23cd85579c3.jpeg
64.62.227.27/img/i2020/05/ 14 KB
14 KB 192ms
191ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/i2020/05/8ac1c88a9f898c7313297c88c550d23cd85579c3.jpeg
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d5a3b8ed4ca3813bfa34912eb8ad5b6af55367c32c6e10e5b06f71952322254a

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Last-Modified: Wed, 21 Aug 2019 02:33:33 GMT
Server: nginx/1.12.2
ETag: "5d5cad7d-389f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14495
Expires: Thu, 06 May 2021 08:12:10 GMT

GET
H2 200 52G6iYJNARI
www.youtube.com/embed/ Frame 8B91 0
0 152ms
136ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/52G6iYJNARI?rel=0&autoplay=0&mute=0

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/52G6iYJNARI?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://64.62.227.27/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.27/

Response headers

status: 200
content-encoding: br
cache-control: no-cache
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
date: Wed, 06 May 2020 08:12:10 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=kOMCEqlMy7g; path=/; domain=.youtube.com; secure; expires=Mon, 02-Nov-2020 08:12:10 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 06-May-2020 08:42:10 GMT VISITOR_INFO1_LIVE=kOMCEqlMy7g; path=/; domain=.youtube.com; secure; expires=Mon, 02-Nov-2020 08:12:10 GMT; httponly; samesite=None YSC=hZ-BLFdyMqE; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Lq4dA-G1ig8
www.youtube.com/embed/ Frame 4FA7 0
0 160ms
146ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Lq4dA-G1ig8?rel=0&autoplay=0&mute=0

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Lq4dA-G1ig8?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://64.62.227.27/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.27/

Response headers

status: 200
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
cache-control: no-cache
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Wed, 06 May 2020 08:12:10 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=D83iJuCB1Lo; path=/; domain=.youtube.com; secure; expires=Mon, 02-Nov-2020 08:12:10 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=D83iJuCB1Lo; path=/; domain=.youtube.com; secure; expires=Mon, 02-Nov-2020 08:12:10 GMT; httponly; samesite=None YSC=u-0mJxxseR8; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 06-May-2020 08:42:10 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 header-logo.jpg
1.bp.blogspot.com/-ddnaYX3yjnA/XrJbL7cFBSI/AAAAAAACUXA/Gu-_w4N0bU867IbIEkH6qQqi2zJKvjS2ACLcBGAsYHQ/s400/ 20 KB
20 KB 9ms
5ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ddnaYX3yjnA/XrJbL7cFBSI/AAAAAAACUXA/Gu-_w4N0bU867IbIEkH6qQqi2zJKvjS2ACLcBGAsYHQ/s400/header-logo.jpg

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f592c742f686068be649efb9de145be6f95ea8367f7bdcd0ded1bcb0808f894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 06:49:31 GMT
x-content-type-options: nosniff
age: 4959
status: 200
content-disposition: inline;filename="header-logo.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20431
x-xss-protection: 0
server: fife
etag: "v25171"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 May 2020 06:49:31 GMT

GET
H/1.1 200
OK 2DE59654-9625-419C-93EE-EA8F8CDE007E-239x300.jpeg
tapnewswire.com/wp-content/uploads/2020/05/ 12 KB
12 KB 331ms
164ms Image
image/jpeg 2401:c900:1101:143:9::e
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tapnewswire.com/wp-content/uploads/2020/05/2DE59654-9625-419C-93EE-EA8F8CDE007E-239x300.jpeg
Protocol: HTTP/1.1
Server: 2401:c900:1101:143:9::e , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx /
Resource Hash: f91a38581cd8b5139df783bffbdc39f23562cd91385ad6e08129e53f4c4fb9d0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:11 GMT
Last-Modified: Wed, 06 May 2020 07:42:22 GMT
Server: nginx
ETag: "5eb26a5e-2ebf"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11967

GET
H2 200 PHOTO-GOES%2016%20full%20disk%20image%20of%20hurricanes%20Katia%2C%20Irma%20and%20Jose%20captured%20September%208%202017-NOAA%20-%201125x534-%20Landscape.jpg
www.noaa.gov/sites/default/files/styles/scale_crop_1120x534/public/thumbnails/image/ 542 KB
543 KB 219ms
38ms Image
image/jpeg 2600:9000:2093:c800:5:ff17:fd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.noaa.gov/sites/default/files/styles/scale_crop_1120x534/public/thumbnails/image/PHOTO-GOES%2016%20full%20disk%20image%20of%20hurricanes%20Katia%2C%20Irma%20and%20Jose%20captured%20September%208%202017-NOAA%20-%201125x534-%20Landscape.jpg?itok=aNH-knXL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2093:c800:5:ff17:fd00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

ed85e1e83c88ed7d1c2c7ca839105a0fc5d5e9bea694dc61e09443ce42f4a147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:00:14 GMT
via: 1.1 c1.w3.woc (squid), 1.1 d66ba6ddafce2f17d4194c66f1af89fc.cloudfront.net (CloudFront)
age: 723
x-cache: Hit from cloudfront
status: 200
content-length: 554758
last-modified: Sun, 23 Feb 2020 13:05:13 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "87706-59f3de7bc1663"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
x-amz-cf-id: ykzTRQX_kLhKsxcvd0nGUQ_aSX4UfbzNrSIH__982NUf8trqZoqFTg==
expires: Wed, 06 May 2020 09:00:14 GMT

GET
H/1.1 200
OK lightning_225x225.png
www.aftau.org/image/press-releases/2018/december/ 64 KB
64 KB 642ms
148ms Image
image/png 63.128.3.112
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aftau.org/image/press-releases/2018/december/lightning_225x225.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.128.3.112 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

4e1cc2de6af70f3fe924b8c2da7534e7ffbc807c8780bdb69335ac9b4d195e53

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Last-Modified: Wed, 26 Dec 2018 16:53:34 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
content-disposition: filename="lightning_225x225.png"
Cache-Control: private
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Length: 65283
X-XSS-Protection: 1; mode=block

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/araYfnovbNo/ 21 KB
21 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/araYfnovbNo/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85a00b66394765144be4a8286f3300fd285ea9f122c2e13e6eeae9fbe35c6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:59:13 GMT
x-content-type-options: nosniff
server: sffe
age: 777
etag: "1586023313"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21345
x-xss-protection: 0
expires: Wed, 06 May 2020 09:59:13 GMT

GET
H2 200 IMG_2348.JPG
1.bp.blogspot.com/-xCm0uFASp-4/U2LP4bli6HI/AAAAAAADdMY/h0cjLFafNlAdgGpYg2QB__wClyWMe68AgCPcBGAYYCw/s320/ 40 KB
41 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xCm0uFASp-4/U2LP4bli6HI/AAAAAAADdMY/h0cjLFafNlAdgGpYg2QB__wClyWMe68AgCPcBGAYYCw/s320/IMG_2348.JPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5055ace9b549553232ea4a6a6b5ce3d49a207b0179944bf8a30ce5d5e201549b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:57:05 GMT
x-content-type-options: nosniff
age: 905
status: 200
content-disposition: inline;filename="IMG_2348.JPG"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41403
x-xss-protection: 0
server: fife
etag: "v374c6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 May 2020 07:57:05 GMT

GET
H/1.1 200
OK lumbini.jpg
www.un.org/sites/un2.un.org/files/styles/banner-image-style-27-10/public/ 104 KB
105 KB 467ms
168ms Image
image/jpeg 157.150.185.49
SITA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.un.org/sites/un2.un.org/files/styles/banner-image-style-27-10/public/lumbini.jpg?itok=YsvcV-7K

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.150.185.49 New York, United States, ASN2647 (SITA, BE),

Reverse DNS

www.un.org

Software

Apache /

Resource Hash

8c83c82b9e684810ec2b0ade896c2f5b8c2a25a2919587d8c6dc5ea385901527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:11 GMT
Last-Modified: Mon, 04 May 2020 19:28:33 GMT
Server: Apache
ETag: "1a0c4-5a4d7895c3a63"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=50
Content-Length: 106692

GET
H2

200

A_Dental1.jpg
beforeitsnews.com/contributor/upload/428376/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/428376/images/A_Dental1.jpg
https://beforeitsnews.com/contributor/upload/428376/images/A_Dental1.jpg

24 KB
24 KB

38ms
20ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/428376/images/A_Dental1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a500923ed46341c73067c6a8a62945fe80d24599baa601c7981f832779cd2c65

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:10 GMT
cf-cache-status: HIT
age: 1324
cf-polished: origSize=24987, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 24183
cf-request-id: 028aa3e2fc00000ea71b127200000001
last-modified: Wed, 06 May 2020 07:31:45 GMT
server: cloudflare
etag: "5eb267e1-619b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 58f13c17f8850ea7-FRA
expires: Thu, 06 May 2021 07:50:06 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/428376/images/A_Dental1.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13c17ad45d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3e2c60000d6cdc2a2a200000001
Expires: Wed, 06 May 2020 09:12:10 GMT

GET
H2 200 daily-progression-COVID19-in-United%2BStates-20200505.png
3.bp.blogspot.com/-XzLPhR4vSnM/XrIU-wCxIKI/AAAAAAAAUVU/LHbeQ28X7MMEINE7_SuX-0us_ocsr7sbgCLcBGAsYHQ/s1600/ 27 KB
27 KB 6ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-XzLPhR4vSnM/XrIU-wCxIKI/AAAAAAAAUVU/LHbeQ28X7MMEINE7_SuX-0us_ocsr7sbgCLcBGAsYHQ/s1600/daily-progression-COVID19-in-United%2BStates-20200505.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ffae684a45dfc7a503ef4dfd3bafba48c20f1f906c1450b81e515402f116d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 07:41:57 GMT
x-content-type-options: nosniff
age: 1813
status: 200
content-disposition: inline;filename="daily-progression-COVID19-in-United States-20200505.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27690
x-xss-protection: 0
server: fife
etag: "v5156"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 May 2020 07:41:57 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_GB/i/scr/ 43 B
230 B 204ms
55ms Image
image/gif 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_GB/i/scr/pixel.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:27 GMT
server: Apache
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 06 May 2020 09:12:11 GMT

GET
H2 200 duplicate-content-in-search-rankings.png
www.pixelproductionsinc.com/wp-content/uploads/2020/05/ 217 KB
218 KB 78ms
39ms Image
image/png 2606:4700:3035::6818:73a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pixelproductionsinc.com/wp-content/uploads/2020/05/duplicate-content-in-search-rankings.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:73a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b708f210ea3592f88eb9d89911242ed3392a4b3053681a64159e5d58e6a96f85

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 3127
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 222201
cf-request-id: 028aa3e38400000621363da200000001
last-modified: Mon, 04 May 2020 19:21:47 GMT
server: cloudflare
etag: "5eb06b4b-363f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 58f13c18dfcc0621-FRA
expires: Fri, 05 Jun 2020 07:20:04 GMT

GET
H2

200

Security_01.jpg
beforeitsnews.com/contributor/upload/524716/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/524716/images/Security_01.jpg
https://beforeitsnews.com/contributor/upload/524716/images/Security_01.jpg

46 KB
47 KB

23ms
23ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/524716/images/Security_01.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c587b3a01937bdabf369364a9664c4c4181dfaf18ae8c3adaabfa74178c4943e

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 4147
cf-polished: origSize=50498, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 47326
cf-request-id: 028aa3e3bb00000ea71b138200000001
last-modified: Wed, 06 May 2020 06:54:35 GMT
server: cloudflare
etag: "5eb25f2b-c542"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 58f13c192bd30ea7-FRA
expires: Thu, 06 May 2021 07:03:04 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/524716/images/Security_01.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13c1919fdd6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3e3af0000d6cdc2a41200000001
Expires: Wed, 06 May 2020 09:12:11 GMT

GET
H2 200 Starship-Boca-Chica-050520-SPadre-SN4-static-fire-attempt-1-c-1024x407.jpg
www.teslarati.com/wp-content/uploads/2020/05/ 33 KB
33 KB 325ms
216ms Image
image/jpeg 104.18.3.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.teslarati.com/wp-content/uploads/2020/05/Starship-Boca-Chica-050520-SPadre-SN4-static-fire-attempt-1-c-1024x407.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.13.2
Resource Hash: 8607bfd8fc9ab53de83ed1aacac962e2c1e1e19b5b3dd573da84fb600d8ef100

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 18
x-powered-by: W3 Total Cache/0.13.2
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 33452
cf-request-id: 028aa3e42b0000dac45b30f200000001
pragma: public
last-modified: Tue, 05 May 2020 18:08:43 GMT
server: cloudflare
etag: "5eb1abab-82ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 06 May 2021 08:11:52 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 58f13c19dadfdac4-ARN
cf-bgj: h2pri

GET
H2

200

A_Exchange.jpg
beforeitsnews.com/contributor/upload/567050/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/567050/images/A_Exchange.jpg
https://beforeitsnews.com/contributor/upload/567050/images/A_Exchange.jpg

52 KB
52 KB

24ms
23ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/567050/images/A_Exchange.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a3ba19fe3698733e64d42cc753134b26eed4a138e99724a3fa222a3e21c0a36

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 5347
cf-polished: origSize=56038, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 53277
cf-request-id: 028aa3e42000000ea71b13e200000001
last-modified: Wed, 06 May 2020 06:34:03 GMT
server: cloudflare
etag: "5eb25a5b-dae6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 58f13c19cd650ea7-FRA
expires: Thu, 06 May 2021 06:43:04 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/567050/images/A_Exchange.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13c195ab7d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3e3d50000d6cdc2a46200000001
Expires: Wed, 06 May 2020 09:12:11 GMT

GET
H2

200

Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png
beforeitsnews.com/contributor/upload/477502/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/477502/images/Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png
https://beforeitsnews.com/contributor/upload/477502/images/Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png

59 KB
59 KB

19ms
19ms

Image
image/webp

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/477502/images/Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4f17f44c4d4e29e1301e626ed9a5b7876f36708286668f74960f7361cab03f

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 6604
cf-polished: origFmt=png, origSize=121557
status: 200
content-disposition: inline; filename="Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 60562
cf-request-id: 028aa3e42200000ea71b140200000001
last-modified: Wed, 06 May 2020 06:16:16 GMT
server: cloudflare
etag: "5eb25630-1dad5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 58f13c19dd6e0ea7-FRA
expires: Thu, 06 May 2021 06:22:07 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/477502/images/Screen%20Shot%202020-05-05%20at%2011_16_03%20PM.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13c195ca20629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3e3da00000629178c9200000001
Expires: Wed, 06 May 2020 09:12:11 GMT

GET
H2

200

A_Gay.jpg
beforeitsnews.com/contributor/upload/567050/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/567050/images/A_Gay.jpg
https://beforeitsnews.com/contributor/upload/567050/images/A_Gay.jpg

25 KB
26 KB

17ms
17ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/567050/images/A_Gay.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2339e35d1faffc4581fbc667dbbbef0bdc768eadea4c2d4ef74bdd6f8120eb87

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 6724
cf-polished: origSize=27644, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 26048
cf-request-id: 028aa3e42200000ea71b13f200000001
last-modified: Wed, 06 May 2020 06:17:45 GMT
server: cloudflare
etag: "5eb25689-6bfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 58f13c19dd6c0ea7-FRA
expires: Thu, 06 May 2021 06:20:07 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/567050/images/A_Gay.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13c196ae1d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3e3df0000d6cdc2a48200000001
Expires: Wed, 06 May 2020 09:12:11 GMT

GET
H2 200 no%2BMA%2B1%2Bday%2BFlorida.png
1.bp.blogspot.com/-D_L0i6cz9V0/XrJPbMOK_GI/AAAAAAAAbn8/OkCK3Q_J9Co9bKCnugZ_YrWjcFfetu_0gCLcBGAsYHQ/s320/ 31 KB
31 KB 8ms
8ms Image
image/png 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-D_L0i6cz9V0/XrJPbMOK_GI/AAAAAAAAbn8/OkCK3Q_J9Co9bKCnugZ_YrWjcFfetu_0gCLcBGAsYHQ/s320/no%2BMA%2B1%2Bday%2BFlorida.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e2706a37225484fd0e976eaaf8308904c387a4e2cb0a71eb4ef4cb0d0db179a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 06:11:09 GMT
x-content-type-options: nosniff
age: 7262
status: 200
content-disposition: inline;filename="no MA 1 day Florida.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31413
x-xss-protection: 0
server: fife
etag: "v6e80"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 May 2020 06:11:09 GMT

GET
H2 200 USATSI_13095960_158813650_lowres.jpg
www.jetnation.com/wp-content/uploads/2019/07/ 433 KB
433 KB 972ms
377ms Image
image/jpeg 204.13.239.203
DATACATE-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jetnation.com/wp-content/uploads/2019/07/USATSI_13095960_158813650_lowres.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.13.239.203 , United States, ASN55106 (DATACATE-AS1, US),
Reverse DNS: jetnation.com
Software: nginx /
Resource Hash: 628b6039e966ed257374d49bd5e4516f633560da04f86fdedb5663ce7a825d9e

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Sat, 27 Jul 2019 04:17:26 GMT
server: nginx
etag: "5d3bd056-6c2c4"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 443076

GET
H2 200 842x474-ThroughMyBible1-80x80.jpg
wels.net/wp-content/uploads/2015/04/ 4 KB
5 KB 548ms
256ms Image
image/jpeg 35.227.16.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wels.net/wp-content/uploads/2015/04/842x474-ThroughMyBible1-80x80.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.16.122 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.16.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b3be4624ea3a87d8e1b7bf99391de7ebc2d9da3f9ec0824bc5d6b50ddb582c18

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Tue, 17 Jul 2018 09:15:00 GMT
server: nginx
status: 200
etag: "5b4db394-11eb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4587

GET
H2 200 20180917-pneumo-deaths-total.png
i2.wp.com/www.occidentaldissent.com/wp-content/uploads/2020/05/ 12 KB
13 KB 62ms
61ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.occidentaldissent.com/wp-content/uploads/2020/05/20180917-pneumo-deaths-total.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

046d8554d3e07af6f75edef3fb4bd0bff9c6b8889396debfba79f974dcecb8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT arn 4
date: Wed, 06 May 2020 08:12:11 GMT
x-content-type-options: nosniff
x-bytes-saved: 29353
last-modified: Wed, 06 May 2020 06:04:31 GMT
server: nginx
etag: "c46c97d72764101a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <http://www.occidentaldissent.com/wp-content/uploads/2020/05/20180917-pneumo-deaths-total.png>; rel="canonical"
content-length: 12670
expires: Fri, 06 May 2022 18:04:31 GMT

GET
H2

200

Money_Economy.jpg
beforeitsnews.com/contributor/upload/567050/images/
Redirect Chain

http://beforeitsnews.com/contributor/upload/567050/images/Money_Economy.jpg
https://beforeitsnews.com/contributor/upload/567050/images/Money_Economy.jpg

56 KB
56 KB

18ms
18ms

Image
image/jpeg

2606:4700:20::681a:70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beforeitsnews.com/contributor/upload/567050/images/Money_Economy.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e9259edde808ddbb0776c1c53d0a78871dcef99744c2be407772b8a7b2f1d46

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
cf-cache-status: HIT
age: 8227
cf-polished: origSize=60241, status=webp_bigger
status: 200
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 57522
cf-request-id: 028aa3e47f00000ea71b143200000001
last-modified: Wed, 06 May 2020 05:47:08 GMT
server: cloudflare
etag: "5eb24f5c-eb51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 58f13c1a6f240ea7-FRA
expires: Thu, 06 May 2021 05:55:03 GMT

Redirect headers

Date: Wed, 06 May 2020 08:12:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://beforeitsnews.com/contributor/upload/567050/images/Money_Economy.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58f13c19fe670629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 028aa3e43800000629178d6200000001
Expires: Wed, 06 May 2020 09:12:11 GMT

GET
H2 200 ai-domain-sales.png
i1.wp.com/morganlinton.com/wp-content/uploads/2020/05/ 102 KB
102 KB 57ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/morganlinton.com/wp-content/uploads/2020/05/ai-domain-sales.png?fit=3000%2C3000&ssl=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0aa01dd909b536f91ee60699267331b01fa902165f2f6945245ec90c07c6e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT arn 2
date: Wed, 06 May 2020 08:12:11 GMT
x-content-type-options: nosniff
x-bytes-saved: 99165
last-modified: Wed, 06 May 2020 05:43:03 GMT
server: nginx
etag: "ea204a9f036b1bba"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://morganlinton.com/wp-content/uploads/2020/05/ai-domain-sales.png>; rel="canonical"
content-length: 104234
expires: Fri, 06 May 2022 17:43:03 GMT

GET
H/1.1 200
OK incr_banner_views.php Show response
64.62.227.27/core/ajax/counter/ 6 B
283 B 204ms
203ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/counter/incr_banner_views.php?id=2045&_=1588752730762

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3411f072b178ebb9a26a7a83a8b781db73ca532d3c0ec96e3739f44ff158c974

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 8a2c33fe4da6cea119e5201176d70b5093993a8b.jpeg
64.62.227.27/img/i2020/05/ 19 KB
20 KB 191ms
190ms Image
image/jpeg 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.27/img/i2020/05/8a2c33fe4da6cea119e5201176d70b5093993a8b.jpeg
Protocol: HTTP/1.1
Server: 64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e4897d5c9454c94c4b10a5c48331f70aa3727be76a360444cae58168b01c93f7

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 08:12:11 GMT
Last-Modified: Wed, 21 Aug 2019 02:34:20 GMT
Server: nginx/1.12.2
ETag: "5d5cadac-4de2"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19938
Expires: Thu, 06 May 2021 08:12:11 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 62 KB
13 KB 288ms
287ms XHR
text/javascript 52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_828&c=1588752730537&width=1600&site_url=http%3A%2F%2F64.62.227.27%2F&referer=&skip_demand=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111268&t=rc_828&c=1588752730537&width=1600&referer=http%3A%2F%2F64.62.227.27%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-203-124.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

7e45d76e5fee0ff19b248e5b46d9a12c15cd0fb8031da1b61c67e38dc69a2fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://64.62.227.27
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DMzY2ZGY0OGRjZThkMTRkNDc...
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA

35 B
213 B

76ms
75ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:11 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 06 May 2020 08:12:11 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&bidder=3&bidder_uid=309LKbzBv-2N4fEFnXtA
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DMzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%253D&geo=35&rev_d...
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&geo=35&rev_dt=1588752730

35 B
214 B

84ms
84ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&geo=35&rev_dt=1588752730
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:11 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 06 May 2020 08:12:13 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid: 52bd4493-f38e-4e63-a815-421cdbe3e67a
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=793285930060907682&exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&geo=35&rev_dt=1588752730
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 139ms
139ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%253D&pushdata=109&secure=1&rev_dt=1588752730
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Wed, 06 May 2020 08:12:10 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI%3D&rev_dt=1588752730
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI=&bidder=154&bidder_uid=18f1ba0f-0a26-438e-afe3-aed88aba5d43

35 B
214 B

76ms
75ms

Image
image/gif

52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI=&bidder=154&bidder_uid=18f1ba0f-0a26-438e-afe3-aed88aba5d43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-203-124.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 08:12:11 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=MzY2ZGY0OGRjZThkMTRkNDc0NWQ4NGQwYjFjNDVlMDI=&bidder=154&bidder_uid=18f1ba0f-0a26-438e-afe3-aed88aba5d43
Date: Wed, 06 May 2020 08:12:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
25 KB 131ms
38ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 23e61f5278ff3d9913f6045b5911c26a8903b742d043a50dcf66f5801d80b713

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 17:37:10 GMT
etag: "1588613830"
status: 200
x-hw: 1588752731.cds070.sk1.hn,1588752731.cds065.sk1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=46
accept-ranges: bytes
content-length: 25656

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
98 KB 31ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0
Requested by: Host: 64.62.227.27
URL: http://64.62.227.27/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ebf585c012c07829008431c00fa48cb3bbae3bc1283c530257f7bd24cb023b8b

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 17:37:10 GMT
etag: "1588613830"
status: 200
x-hw: 1588752731.cds070.sk1.hn,1588752731.cds012.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=35
accept-ranges: bytes
content-length: 100419

GET
H/1.1 200
OK rendered
ri.amurege.com/notify/ 0
99 B 401ms
130ms Image
text/plain 54.210.183.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ri.amurege.com/notify/rendered?a=revcontent&cep=K5yiuRTpNWBgjFLNed23x6dnFAzbNgiJi-cFVKNVsR3YxUM0yR1FvDexL683iFB_LTlUlax1Abj8agW2xWcG81hE355YX93iSrjCZrXgBTlBl0kqJ1kU_KWR6hAZhEbw3iHMAGmI3xUi7ALS5F1Bcr1I_QDU-rEaeZQ88CfZR3uE1k9__3R8PH_uMCkOEAnPI6bKFyNIx8QdWsqBQlpikOyPnQkl55J8Q1uMxhHVBMDyeCNUZd5foYeIu78jYaUQqy6-SBA0zRtmPOt-YHBwqA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.183.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-183-23.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 06 May 2020 08:12:11 GMT
Content-Length: 0

GET
H2 200 04dfb445-6b51-4436-9cea-2688afac38d3.jpeg
cdn.amurege.com/64f9b399-edd5-41b5-a198-e193286d2561/ 48 KB
49 KB 797ms
649ms Image
application/octet-stream 54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amurege.com/64f9b399-edd5-41b5-a198-e193286d2561/04dfb445-6b51-4436-9cea-2688afac38d3.jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.183.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32633bdf0d6765c201ddb79600781226c29a2a67bfad78714199a740356d3438

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:12 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 17 Apr 2020 09:08:27 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C3
etag: "f1a7499e9a2236196889cfeb928d937e"
x-cache: Miss from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 49300
x-amz-cf-id: 8LQ8Pt7ZfrJvSCnrKYN_RkzyGWKoUHL0vgnPr2EpRBIMzIhJXjGSSw==

GET
H2 200 /
img.revcontent.com/ 39 KB
39 KB 94ms
31ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e83e957d09fe7-41870035.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 281f3b935d2ff355495273197fe0cfe855ab07c2a8711d501c7f08afde7c1fba

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Wed, 01 Apr 2020 01:07:36 GMT
etag: "1585703256"
x-hw: 1588752731.cds071.sk1.hn,1588752731.cds033.sk1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39525

GET
H2 200 /
img.revcontent.com/ 30 KB
30 KB 128ms
71ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/ef7dec7e2552b74a89b7c2a7df7c2913.png&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 3f11303e8b5be97d8936ecd3f7837afa375dd47bfc01f69c4a278e4528b5d173

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Mon, 27 Apr 2020 17:47:30 GMT
etag: "1588009650"
x-hw: 1588752731.cds071.sk1.hn,1588752731.cds033.sk1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31062

GET
H2 200 /
img.revcontent.com/ 72 KB
72 KB 122ms
90ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e8540db40c487-68447446.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7e044ae237b4927faf5bfab6cbfded3deef348ea4a360f77a7690750da51a4be

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Thu, 02 Apr 2020 01:33:16 GMT
etag: "1585791196"
x-hw: 1588752731.cds071.sk1.hn,1588752731.cds023.sk1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 74064

GET
H2 200 css
fonts.googleapis.com/ 3 KB
717 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Scada

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d16d170f8f447a1336dbc0abdc743da0cc3e87eb9f376b2ff7443765ff9c7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 May 2020 08:12:11 GMT
server: ESF
date: Wed, 06 May 2020 08:12:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 May 2020 08:12:11 GMT

GET
H/1.1 200
OK rendered
ri.amurege.com/notify/ 0
99 B 362ms
129ms Image
text/plain 54.210.183.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ri.amurege.com/notify/rendered?a=revcontent&cep=XrD94OmKS8BmDOUt6Do0tqQltaVGSf5ITxJ0XdvA6i1urEPvloAqAIyZsAsztv-RGdtKxEpmbP6Soj1uswq8qfUeqYy0H17qkGdWMtXRU5bmA5h7yUk7e-a_r5mRqY1La6KqjDfDSeWghh2qEhcm3E8ZrxGZI5zVGdryW1vfGLBRzHoqDfOfAH4bFutoth5NwLjgxl2RqrVOZtZ6VwglH3zRqIquPqBci0rdXGViOql5p1NVhcZT8-r9j5WkLw9ssTjDEyaYceZATi5yvQ7s6Q==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.183.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-183-23.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 06 May 2020 08:12:11 GMT
Content-Length: 0

GET
H2 200 bae71f22-5875-400f-95fc-2d92f9806feb.jpeg
cdn.amurege.com/64f9b399-edd5-41b5-a198-e193286d2561/ 482 KB
483 KB 566ms
565ms Image
application/octet-stream 54.230.183.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amurege.com/64f9b399-edd5-41b5-a198-e193286d2561/bae71f22-5875-400f-95fc-2d92f9806feb.jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.183.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 687e2a5f76cc385b1bbbb7c8d547d397247a6afeacedc9084db415d9509bd68e

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:13 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 17 Apr 2020 09:08:27 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C3
etag: "d43c8e5ca14bb81ed7970d273261095a"
x-cache: Miss from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 493934
x-amz-cf-id: rVJbUhca1lzk-DMMKv4Up6tDRN89XTPHa1hRK61qnXtYKAGkxDLmew==

GET
H2 200 /
img.revcontent.com/ 40 KB
40 KB 45ms
45ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15575637120506635525.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 67d99a892d612388d937f7ca1232108b426d22bf328612b94ab8b82e69a5b5c0

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Sat, 11 May 2019 08:35:13 GMT
etag: "1557563713"
x-hw: 1588752731.cds071.sk1.hn,1588752731.cds043.sk1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40891

GET
H2 200 /
img.revcontent.com/ 51 KB
51 KB 46ms
45ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e85aef1ce4246-08286656.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: be27e48eba8b9693eb2cfe06ccd03932a261b021b952cef3778ee2daabd0bf1f

Request headers

Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
last-modified: Thu, 02 Apr 2020 09:22:58 GMT
etag: "1585819378"
x-hw: 1588752731.cds071.sk1.hn,1588752731.cds003.sk1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 51913

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v31/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
Origin: http://64.62.227.27

Response headers

date: Sat, 04 Apr 2020 13:45:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:31 GMT
server: sffe
age: 2744798
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16016
x-xss-protection: 0
expires: Sun, 04 Apr 2021 13:45:33 GMT

GET
H2 200 RLpxK5Pv5qumeVJvzTQ.woff2
fonts.gstatic.com/s/scada/v8/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v8/RLpxK5Pv5qumeVJvzTQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf2525ddd5098014820bbf3ee619124854e25932002c4c64cb6f8b01be2dfdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
Origin: http://64.62.227.27

Response headers

date: Wed, 06 May 2020 05:58:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:32:17 GMT
server: sffe
age: 8012
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15016
x-xss-protection: 0
expires: Thu, 06 May 2021 05:58:39 GMT

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
201 B 214ms
86ms XHR
text/html 52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-203-124.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://64.62.227.27
access-control-allow-credentials: true
content-length: 0

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
201 B 181ms
72ms XHR
text/html 52.209.203.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.203.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-203-124.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: http://64.62.227.27/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 May 2020 08:12:11 GMT
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://64.62.227.27
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK count.php Show response
64.62.227.27/core/ajax/counter/ 15 B
292 B 191ms
191ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/counter/count.php

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d150b91d17b71f2f8a55c1812c3ce11587bc5c15675add2bc5561add14fb6d51

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 06 May 2020 08:12:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK count.php Show response
64.62.227.27/core/ajax/counter/ 15 B
292 B 190ms
190ms XHR
text/html 64.62.227.27
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.27/core/ajax/counter/count.php

Requested by

Host: 64.62.227.27
URL: http://64.62.227.27/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.27 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e05e23f1ba30ab1a5fa2dcb14fbf4d5ec8c008eb27c02a4bea15f8f9df9ac729

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.27/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 06 May 2020 08:12:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: http://64.62.227.27/(Line 547) Message: [Web Cached] Loaded time: 0.00211s
console-api	log	URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=2020468(Line 9) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=2020468(Line 9) Message: [object HTMLImageElement]
console-api	info	URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js(Line 39) Message: GodWord: id219 views: 35.4k
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js(Line 37) Message: AdsDirect: id2044 views: 351.6k
console-api	info	URL: http://64.62.227.27/static/js-v3/global-bin-rev-494.js(Line 37) Message: AdsDirect: id2045 views: 405.5k

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ads.betweendigital.com
b.scorecardresearch.com
b1sync.zemanta.com
beforeitsnews.com
bidder.criteo.com
bidswitch-eu.splicky.com
bttrack.com
c.mgid.com
cdn.amurege.com
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cpb-us-e1.wpmucdn.com
csync.loopme.me
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
iili.io
img.revcontent.com
img.youtube.com
jamesredpillsamerica.com
jsc.mgid.com
justusaknight.files.wordpress.com
lockerdome.com
match.adsrvr.org
media.eurekalert.org
media1.tenor.com
news.rice.edu
ri.amurege.com
rtb-usw.mfadsrvr.com
rtb.mfadsrvr.com
sb.scorecardresearch.com
servicer.mgid.com
simage2.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
tapnewswire.com
trends.revcontent.com
upload.wikimedia.org
wels.net
www.aftau.org
www.cdc.gov
www.dodgingdeception.com
www.elsi.jp
www.geosociety.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.jetnation.com
www.naturalblaze.com
www.naturalnews.com
www.newswise.com
www.noaa.gov
www.nowtheendbegins.com
www.paypalobjects.com
www.pixelproductionsinc.com
www.teslarati.com
www.un.org
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.199.73
104.18.3.164
104.19.135.78
13.64.241.5
131.112.112.128
132.148.46.86
138.201.86.121
151.101.114.49
151.139.128.11
151.139.242.29
151.139.243.2
157.150.185.49
172.227.85.103
176.9.0.138
178.250.0.165
18.156.133.187
185.33.221.88
185.64.189.110
188.42.29.196
192.0.72.23
192.0.77.2
192.124.249.6
192.132.33.46
198.151.217.193
2.16.186.51
204.13.239.203
216.58.212.130
23.105.245.5
2401:c900:1101:143:9::e
2600:9000:2093:c800:5:ff17:fd00:93a1
2606:4700:20::681a:70b
2606:4700:3033::681b:8fb8
2606:4700:3034::681c:1cf1
2606:4700:3035::6818:73a2
2606:4700:3037::6818:7392
2606:4700::6810:8646
2606:4700::6812:e234
2620:0:862:ed1a::2:b
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::2001
2a00:1450:4001:815::2004
2a00:1450:4001:818::2001
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2016
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2008
2a00:1450:400c:c08::9a
2a02:2638:1::3
2a02:26f0:6c00:19a::2461
3.121.253.254
34.252.71.88
35.172.73.102
35.212.212.222
35.227.16.122
52.209.203.124
54.164.167.223
54.210.183.23
54.230.183.36
63.128.3.112
64.62.227.27
70.42.32.159
72.246.168.118
01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa
038d3b11a1db4500dc7391ca9293d45f92b82ca66d1647d1cfc22f62f4e4ce99
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
044d653d3ceb3b946b4c68e520b86f374d292597f367112348802146a377ae17
046d8554d3e07af6f75edef3fb4bd0bff9c6b8889396debfba79f974dcecb8a1
04bd0f40f05e892881a2b6581085db5f1f2f3165f1e375aef152ca6d7d76d108
0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830
0a7007fa6109186f46b3d927d8f7d0f9e1d4b941790f0b83ec428c461421be94
0aa01dd909b536f91ee60699267331b01fa902165f2f6945245ec90c07c6e334
0b21fd04aad89a54b03408155906f1cd1b363cb16cf0753504b18e996d8a6662
0ea06005c9f12c534d2d0e02f1dc94dde98e9d245002920695c27c8dd0fb23eb
116fc56ce33fafc31e41008dd763064533a5844ddec4bd1632c82d73139318cc
147d4d36f639a2093c596ad073e718dcc89d5c9d78a12b13ca4fa713f1d078d0
182857ce8cf9eb8cadc87c5155532dded004a1bc97f6a7cddd14a4c274ae7607
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
220dace0bf9041dcf00e9205d5839b2528cbaf173d9f931cb13165c4b90094fa
2339e35d1faffc4581fbc667dbbbef0bdc768eadea4c2d4ef74bdd6f8120eb87
23e61f5278ff3d9913f6045b5911c26a8903b742d043a50dcf66f5801d80b713
26afb802925e9b67a43398f4f61642b283f7cfde5346e37839e46b6e3a6a33d2
281f3b935d2ff355495273197fe0cfe855ab07c2a8711d501c7f08afde7c1fba
2828ce5f049d4980a2d2c7de9f8c88f7df09273d09967c17615b7efb3bd45358
282ab5b6f36b8ea72f1cd6847968dc52be62ae5d7c97119a335a6d2673c258c5
2a3ba19fe3698733e64d42cc753134b26eed4a138e99724a3fa222a3e21c0a36
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9259edde808ddbb0776c1c53d0a78871dcef99744c2be407772b8a7b2f1d46
2ffae684a45dfc7a503ef4dfd3bafba48c20f1f906c1450b81e515402f116d96
301277f94bb1bf77779eac1e90b1f556604f894545aa025ba76fe88f94852077
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32633bdf0d6765c201ddb79600781226c29a2a67bfad78714199a740356d3438
32c926b529b73f2a10dc34c0d816bae9fb990dc560bf5254221ce8d4120d39d4
335fa63197718a5840adef5761fc5c67b9fb4274798aa53b60cfdc4d4b2043a7
33e89acec5c07a37996a6fda0ab9c029199b2ae3f8913fda8fbee66d0cc58ee3
3411f072b178ebb9a26a7a83a8b781db73ca532d3c0ec96e3739f44ff158c974
354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f11303e8b5be97d8936ecd3f7837afa375dd47bfc01f69c4a278e4528b5d173
3fbb5c29aa3c9b0a146f9cfa3f71dbf1e1aaef496d5ecf0a4a8ee1825e9e0b37
440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3
4c1b5bd459a8f06ae5e50340b6b47bb7c329f2b1c41b7add0e8b1ed98ae9b31d
4d16d170f8f447a1336dbc0abdc743da0cc3e87eb9f376b2ff7443765ff9c7d6
4e1cc2de6af70f3fe924b8c2da7534e7ffbc807c8780bdb69335ac9b4d195e53
4f592c742f686068be649efb9de145be6f95ea8367f7bdcd0ded1bcb0808f894
5055ace9b549553232ea4a6a6b5ce3d49a207b0179944bf8a30ce5d5e201549b
52081b82a23acfc93e303ccbbb1ae906718325321f055518eaa48302d6331877
521adc59704ee23346cec5bab1abeb63cf7421a4b46c9f8346f3dcea5c951ba8
5844ddc6cc8f7570f76a5d02103c0547a11bd401e9a52e176de229847079a412
5aea9b73ac52061450716441782c73b2d37451e96d3d4dbaf43400570e0ae091
5d6a08294f6c40f597af49902c66cbfeb2b2876a7d9499eb4c3385879c0da222
5db54b61eedc1eb80e8c9e879774553707e1596e38b3ef22b37c7c4d0ee360d7
5e71d120c20a36ead1b0de125080941558bf3f653c529c26764dd61a8baa5d24
628b6039e966ed257374d49bd5e4516f633560da04f86fdedb5663ce7a825d9e
62feeb09b7f6d4ffe4cd6e061b1184b85ef639720ae8ab92d2b2568a07c8f792
64033276ca5e3af1767145de791323f03fa20f6ff0fdb64985d318e88a1bea58
67021ed9c248b86b359f13844f0588d7b65cfb39c84afe2fdddb35437662ec50
67d99a892d612388d937f7ca1232108b426d22bf328612b94ab8b82e69a5b5c0
687e2a5f76cc385b1bbbb7c8d547d397247a6afeacedc9084db415d9509bd68e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6de4739870e18f216bd956bde27373051ffd3bbc0211adbca239b8acd5567346
71cdfa3d34235b89e3f9bc10e83edbd93222243415d0bb53fe609c3bd47e132b
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
77050fd5f34724d2562e83778d57a8892efb0b80a7a3e1e93cfdc330268d3a21
789bfe6a9e9f0c70bc416b8c4abeb9da64d27f81479f51a1338e8fa5eee7ef72
7a9fc0e7074958554676da7f36336a6acdba185d21322a6ff5ef2099a00c46f8
7ca695352f5c1ad4e8744f0a3f81ac4d7adf782ecdd54f3bf26c89884c304a9b
7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a
7e044ae237b4927faf5bfab6cbfded3deef348ea4a360f77a7690750da51a4be
7e45d76e5fee0ff19b248e5b46d9a12c15cd0fb8031da1b61c67e38dc69a2fe4
7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4
8004dbff247720babfbe6d327d2d372f788afde530bcd322e6dd9d180fe1c87c
84ba294d86a6a8c4ec2962bb2e461958d5bc4e101e798b145604dca530b30041
8607bfd8fc9ab53de83ed1aacac962e2c1e1e19b5b3dd573da84fb600d8ef100
881ba5fb755a8068b63306941021195713d9d51b24763605ca6711d5eda42be3
8bc169bd568ca54b63776bbb4211a0b70d1ae58011a9aae6f239f51d6e5bc31c
8c83c82b9e684810ec2b0ade896c2f5b8c2a25a2919587d8c6dc5ea385901527
8ccaf0a7fd807c863fda8e7bc73b3bf6fc08fdc82c76166057c48401e7bd3355
8dedf88eeab3a61fa64732016efd11eed14271358b8cad799d9ae2a9a9939b23
8f0c06ee02c4fa0b8f2b7b0820b35821b1cca71b9c3f9a575672a239adf83dae
90df2fd1fd827ca2097ba4085ab5502f402dd7682d6c123f5bb3d3b0a07b26fe
929ef0f82e8ac0fee3228422b8d9cc1e7abd416db5bcaea92020a3ad275683b6
9344d9cbd0ad7f246ddea3260a16d19f3e72194732393ac5b660957ddec80adc
9488850a83b36380b92f2052f4884826d9ce88694f91182316d1dafa52309372
952135b3fa9e66d3b52227d37c1bd20990ad839085d187944629a75d2b1870ab
974e9af8cfbec6ed2513aca84f4e96abd7714897541c7049472d18b7437cc2bb
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
98e1d9f07fc70241ba7f11dbcbe5c186bca3a6d4fe45e67ab0a35be6fd920a46
99c7037ea90da3648731c18eca3a7f8947a136a3de1df6510bdd99543bf4062a
9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915
9e2706a37225484fd0e976eaaf8308904c387a4e2cb0a71eb4ef4cb0d0db179a
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b1ad3cb11f833aff9eafaf4a7acb7591c28ba06eb0933da01a650f2081a3aa
a3b28ba2f3789966726b94e73ae5bc0633f220a0036abe2ee2b015e2252e5d67
a500923ed46341c73067c6a8a62945fe80d24599baa601c7981f832779cd2c65
a70d50b3dd71482fa7afddfcc2f4b6c2909b8f2293e2000da5a94832be195e4d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
b0a69c4a6acc68166c16f37fec4e44bc49be649b8bc4afa5098c7295524079db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b3be4624ea3a87d8e1b7bf99391de7ebc2d9da3f9ec0824bc5d6b50ddb582c18
b446b84b6af05a88997d60472ccb256a81c1478718beeec74590b2f6f4edef1f
b4c162a0938dc32c37ee2dddadcec1c2aa396a1368328c06fcfebc65dd795a6e
b584886723f660917ad7b367cdf738ce70656781681bf603fe4577e5e672337d
b66b12b821c9d03f5388c47792815258a6c17e79f08f549bc633d9d55503412d
b708f210ea3592f88eb9d89911242ed3392a4b3053681a64159e5d58e6a96f85
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bbf2525ddd5098014820bbf3ee619124854e25932002c4c64cb6f8b01be2dfdd
bc5b2d7396c37c76bb0fea64050a46c93629c12c3b792d832b578ee8167c3fa7
be27e48eba8b9693eb2cfe06ccd03932a261b021b952cef3778ee2daabd0bf1f
bef84f3b48b18d96f286a88d8443febfc2164eb8687487c2ca584bd2f7b3e936
c0a0dacda4c8811a556152cf03f8d5181d45bc291a069e1ed05bd63e74f9ea95
c0f48819f075d178a669cc84064bbd35d747d86b23b9725a3402995e75b7726b
c587b3a01937bdabf369364a9664c4c4181dfaf18ae8c3adaabfa74178c4943e
c666dbd1ad9bf4155691d89fd1869827720d165de37f7f1053b0a50bc8b2c555
c8528e1c68a0c2bde1022646073b2421704efa4cd0aac88772e38ea492b8c283
c9c8286937b76dfd180d642df44491945e7f0a795841b53686182320e122678e
ca1d7765d3dccff1309f864a23b076d33cc7a69c439fe56ae0244e19f7e1cf7f
cc4f17f44c4d4e29e1301e626ed9a5b7876f36708286668f74960f7361cab03f
cc8d1ad2d7ff4f5872ffce16fc7c775e0f1117658e0529fe40f205ce686ba7cd
d01403e9037e6359cc01e94ac42a4a0c60a956c3d4d11b1afe8ee8ca7f0bf8eb
d150b91d17b71f2f8a55c1812c3ce11587bc5c15675add2bc5561add14fb6d51
d5a3b8ed4ca3813bfa34912eb8ad5b6af55367c32c6e10e5b06f71952322254a
d85a00b66394765144be4a8286f3300fd285ea9f122c2e13e6eeae9fbe35c6ca
da718336c1ba642790767e90e95bdcb1326a7918f277077ea6c59d5b209c4ca8
db135e93bd989f186cc30e9846c9b9c02e19d1bfd319ed0f1703282ac40d500f
dbbcebe8bacb7f0ffba04f8c2ca8bdeaff7edf837d9e7a3387be6e095792be89
e05e23f1ba30ab1a5fa2dcb14fbf4d5ec8c008eb27c02a4bea15f8f9df9ac729
e35e1a7a1971d15eec9503ff6b16268da7137ece51a3cf4d9430b0cff5b83b88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4897d5c9454c94c4b10a5c48331f70aa3727be76a360444cae58168b01c93f7
e5d14b1eb7844c055393b0cf60e600183c991a5c6f611651d2c38ef7b2929534
ea0d3117b48b4d44419070bc6a8d4122d1e12a96ca35c6f1079b08829968d163
eaa6ea16845bfbf0775fa2ca45b79628d26927d184698d95454085e1bcd0f089
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebf585c012c07829008431c00fa48cb3bbae3bc1283c530257f7bd24cb023b8b
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
ed85e1e83c88ed7d1c2c7ca839105a0fc5d5e9bea694dc61e09443ce42f4a147
ee21d95ded7d3979310536a68f2997280d65748dae9a4f6bcfa81fa0af48e563
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff6c9f6c9c02727ed1b9fb784f1ce740a5a2b33f8760a477e73f226bf68672f
f1da59d9a16a42d1c9baa37a694a63849ce741e4f0beab61a208f19c2c37c6c4
f35f2e9629cb78bbd4f678617d0c66a026de966a932596d22ad4306c9b449292
f91a38581cd8b5139df783bffbdc39f23562cd91385ad6e08129e53f4c4fb9d0
f9ad3f01505f775bd66834222cb32533197fb1991215e2b97674669f6c6a85ba
fa96426ec058e6e65b6640230a710f2dc252e3aa3740cee17ce61534bea56e10
fb583ef3ef4386a21f055a4cf9eddb69b5856b84388836a82b2c17978cd2d4f7
fc992be2d573cd1ebfe75a7550675ccee88a5d15e02f5346113606764876d315

64.62.227.27 Open in urlscan Pro 64.62.227.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

178 Requests

68 %HTTPS

38 %IPv6

58 Domains

73 Subdomains

56 IPs

12 Countries

30738 kBTransfer

31641 kBSize

0 Cookies

28 Outgoing links

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

64.62.227.27 Open in urlscan Pro
64.62.227.27 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

68 %
HTTPS

38 %
IPv6

58
Domains

73
Subdomains

56
IPs

12
Countries

30738 kB
Transfer

31641 kB
Size

0
Cookies

178 HTTP transactions
1 data transactions