duressjhfd.icu Open in urlscan Pro
89.163.155.175 Public Scan

URL:
http://duressjhfd.icu/
Submission: On December 22 via manual (December 22nd 2018, 10:33:45 am UTC) from US

Summary HTTP 253 Redirects Links 64 Behaviour Indicators

Summary

This website contacted 65 IPs in 7 countries across 37 domains to perform 253 HTTP transactions. The main IP is 89.163.155.175, located in Hattersheim, Germany and belongs to MYLOC-AS, DE. The main domain is duressjhfd.icu.

This is the only time duressjhfd.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	89.163.155.175 89.163.155.175	24961 (MYLOC-AS) (MYLOC-AS)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
49	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
2 2	54.87.40.42 54.87.40.42	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	54.171.229.6 54.171.229.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200c:5c00:e:5a70:ca47:86e1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	104.24.246.16 104.24.246.16	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.101.65 143.204.101.65	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	3.8.42.50 3.8.42.50	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2600:9000:200... 2600:9000:200c:600:14:85db:2b40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2600:9000:200... 2600:9000:200c:9000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200c:4a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.73.122.138 52.73.122.138	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.24.247.16 104.24.247.16	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2.16.186.107 2.16.186.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	213.19.162.31 213.19.162.31	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	204.2.250.100 204.2.250.100	26120 (RHYTHMONE) (RHYTHMONE - RhythmOne)
3	185.33.223.206 185.33.223.206	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
8	152.195.15.114 152.195.15.114	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	34.255.138.125 34.255.138.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
7	185.80.38.186 185.80.38.186	27381 (CASALE-MEDIA) (CASALE-MEDIA - Index Exchange Inc.)
7	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
7	2a00:1450:401... 2a00:1450:4016:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.236.39.146 34.236.39.146	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
7	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
12	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	23.99.128.52 23.99.128.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	3.81.156.77 3.81.156.77	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	104.109.77.19 104.109.77.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	50.112.252.228 50.112.252.228	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
3	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
7	23.211.0.74 23.211.0.74	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS) (MYLOC-AS)
5 12	54.194.108.5 54.194.108.5	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	35.156.116.54 35.156.116.54	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	85.14.248.71 85.14.248.71	24961 (MYLOC-AS) (MYLOC-AS)
2	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
9	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
14	2.18.232.75 2.18.232.75	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	213.254.244.16 213.254.244.16	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	213.254.244.26 213.254.244.26	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	213.254.244.15 213.254.244.15	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	213.254.244.21 213.254.244.21	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	213.254.244.17 213.254.244.17	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
253	65

1 89.163.155.175 (Hattersheim, Germany)

ASN24961 (MYLOC-AS, DE)
PTR: mail.duressjhfd.icu

duressjhfd.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

venturebeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.87.40.42 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-87-40-42.compute-1.amazonaws.com

sync.tag.clrstm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.229.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-229-6.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:5c00:e:5a70:ca47:86e1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.flipboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.24.246.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.65 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-65.fra50.r.cloudfront.net

www.stack-sonar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.8.42.50 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-8-42-50.eu-west-2.compute.amazonaws.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.80 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:600:14:85db:2b40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

fpn.flipboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.51 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:9000:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.122.138 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-122-138.compute-1.amazonaws.com

api.stack-sonar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.24.247.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.107 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-107.deploy.static.akamaitechnologies.com

as.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.250.100 (North Fort Myers, United States)

ASN26120 (RHYTHMONE - RhythmOne, LLC, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.206 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

venturebeat-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 152.195.15.114 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.138.125 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-255-138-125.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.38.186 (Netherlands)

ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA)

a3217.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4016:800::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.39.146 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-39-146.compute-1.amazonaws.com

realbid.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net

lightboxapi2.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.81.156.77 (Fairfield, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-81-156-77.compute-1.amazonaws.com

realbid.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.77.19 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-77-19.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.252.228 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-50-112-252-228.us-west-2.compute.amazonaws.com

hbevents.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.211.0.74 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-0-74.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Germany)

ASN24961 (MYLOC-AS, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.194.108.5 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com

vfde.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.156.116.54 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.14.248.71 (Germany)

ASN24961 (MYLOC-AS, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.232.75 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.16 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps40.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.26 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps40.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.15 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps40.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.21 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps30.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.17 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps20227.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	venturebeat.com venturebeat.com	626 KB
44	adform.net track.adform.net s1.adform.net	526 KB
28	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com tps40.doubleverify.com tps30.doubleverify.com tps20225.doubleverify.com Failed tps20227.doubleverify.com tps20229.doubleverify.com Failed	578 KB
12	demdex.net 5 redirects vfde.demdex.net	8 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	95 KB
10	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	12 KB
8	advertising.com adserver-us.adtech.advertising.com	3 KB
8	casalemedia.com as.casalemedia.com a3217.casalemedia.com	6 KB
8	googletagservices.com www.googletagservices.com	198 KB
7	atdmt.com ad.atdmt.com	745 B
7	vodafone.de vfd2dyn.vodafone.de	2 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	27 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com	4 KB
4	exactag.com m.exactag.com	2 KB
4	lightboxcdn.com www.lightboxcdn.com	164 KB
4	brealtime.com biddr.brealtime.com realbid.brealtime.com	113 KB
3	openx.net 1 redirects venturebeat-d.openx.net eu-u.openx.net	1 KB
3	gstatic.com fonts.gstatic.com	27 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	google-analytics.com 1 redirects www.google-analytics.com	31 KB
3	flipboard.com 1 redirects cdn.flipboard.com fpn.flipboard.com	5 KB
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	2 KB
2	1rx.io tag.1rx.io hbevents.1rx.io	1008 B
2	quantcount.com 1 redirects rules.quantcount.com	3 KB
2	google.com 1 redirects adservice.google.com www.google.com	349 B
2	google.de adservice.google.de www.google.de	280 B
2	quantserve.com pixel.quantserve.com	6 KB
2	stack-sonar.com www.stack-sonar.com api.stack-sonar.com	9 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	clrstm.com 2 redirects sync.tag.clrstm.com	1009 B
1	azurewebsites.net lightboxapi2.azurewebsites.net	800 B
1	emxdgt.com e1.emxdgt.com	1 KB
1	lijit.com ap.lijit.com	2 KB
1	sonobi.com apex.go.sonobi.com	790 B
1	googletagmanager.com www.googletagmanager.com	28 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	duressjhfd.icu duressjhfd.icu	133 KB
253	37

	Domain	Requested by
49	venturebeat.com	duressjhfd.icu
23	track.adform.net	biddr.brealtime.com s1.adform.net duressjhfd.icu
21	s1.adform.net	track.adform.net s1.adform.net duressjhfd.icu
14	cdn.doubleverify.com	s1.adform.net duressjhfd.icu
12	vfde.demdex.net	5 redirects duressjhfd.icu
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net duressjhfd.icu
9	fastlane.rubiconproject.com	biddr.brealtime.com
8	adserver-us.adtech.advertising.com	biddr.brealtime.com
8	www.googletagservices.com	duressjhfd.icu securepubads.g.doubleclick.net
7	cdn3.doubleverify.com	cdn.doubleverify.com
7	ad.atdmt.com	duressjhfd.icu
7	vfd2dyn.vodafone.de	duressjhfd.icu
7	a3217.casalemedia.com	biddr.brealtime.com
5	tps40.doubleverify.com	cdn.doubleverify.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	m.exactag.com	duressjhfd.icu
4	www.lightboxcdn.com	duressjhfd.icu www.lightboxcdn.com
3	acdn.adnxs.com	biddr.brealtime.com
3	ib.adnxs.com	biddr.brealtime.com
3	fonts.gstatic.com	duressjhfd.icu
3	b.scorecardresearch.com	1 redirects duressjhfd.icu
3	www.google-analytics.com	1 redirects duressjhfd.icu www.google-analytics.com
3	bcp.crwdcntrl.net	1 redirects duressjhfd.icu
2	eu-u.openx.net	1 redirects biddr.brealtime.com
2	realbid.brealtime.com	biddr.brealtime.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net duressjhfd.icu
2	rules.quantcount.com	1 redirects duressjhfd.icu
2	fpn.flipboard.com	1 redirects duressjhfd.icu
2	pixel.quantserve.com	duressjhfd.icu
2	biddr.brealtime.com	duressjhfd.icu biddr.brealtime.com
2	sync.tag.clrstm.com	2 redirects
1	tps20227.doubleverify.com	cdn.doubleverify.com
1	tps30.doubleverify.com	tps40.doubleverify.com
1	hbevents.1rx.io
1	eus.rubiconproject.com	biddr.brealtime.com
1	lightboxapi2.azurewebsites.net	www.lightboxcdn.com
1	e1.emxdgt.com	biddr.brealtime.com
1	ap.lijit.com	biddr.brealtime.com
1	venturebeat-d.openx.net	biddr.brealtime.com
1	tag.1rx.io	biddr.brealtime.com
1	as.casalemedia.com	biddr.brealtime.com
1	apex.go.sonobi.com	biddr.brealtime.com
1	www.google.de	duressjhfd.icu
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	api.stack-sonar.com	duressjhfd.icu
1	pixel.wp.com	duressjhfd.icu
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.stack-sonar.com	duressjhfd.icu
1	www.googletagmanager.com	duressjhfd.icu
1	stats.wp.com	duressjhfd.icu
1	cdn.flipboard.com	duressjhfd.icu
1	fonts.googleapis.com	duressjhfd.icu
1	duressjhfd.icu
0	tps20229.doubleverify.com Failed	cdn.doubleverify.com
0	tps20225.doubleverify.com Failed	cdn.doubleverify.com
253	57

This site contains links to these domains. Also see Links.

Domain
vbevents.venturebeat.com
docs.google.com
www.facebook.com
twitter.com
www.linkedin.com
flipboard.com
feeds.feedburner.com
plus.google.com
venturebeat.com
facebook.com

Subject Issuer	Validity	Valid
venturebeat.com Let's Encrypt Authority X3	`2018-11-24` - `2019-02-22`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
*.flipboard.com DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2019-11-06`	2 years	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
www.stack-sonar.com Amazon	`2018-04-28` - `2019-05-28`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2017-01-04` - `2019-02-04`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.exactag.com COMODO ECC Domain Validation Secure Server CA	`2016-09-14` - `2019-09-14`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
dyn.vodafone.de DigiCert SHA2 Secure Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2018-04-25` - `2019-07-05`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2018-05-12` - `2019-11-10`	a year	crt.sh

This page contains 40 frames:

Primary Page: http://duressjhfd.icu/
Frame ID: B7A840C7EC93863C1DF7F8F131763554
Requests: 111 HTTP requests in this frame

Frame: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/lightbox.js?mb=1545474809406&lv=1
Frame ID: 46C750AFE1DED54BAFF0D9462B515808
Requests: 2 HTTP requests in this frame

Frame: http://biddr.brealtime.com/check.js
Frame ID: C75498B1D67EEC5FBAE67D6AF4C3586F
Requests: 2 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=DC3A63&r=E303D1D3&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=1c775ea0ef34a5ccfb2ea58966b69c56&wp=9&aid=161DEE4648F2C603&tid=142DD&s=45DCE&cp=0.09&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: 42D6DD8B589ECEBA2C2C6F583ABCF56A
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690923;rtbwp=XB4S-QAAAABo3OCXa2j3ODDNfFGHttbZ4lFhCw;rtbdata=AdYIqNMojIdJz4J0An17VS2-KBCJoRarnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPaPxUNmzF5up1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c6Wqxdjj-ixnNC0Rucr5OzjLTFHfg4aYfxX0bcpMeQfm5CTyaJx4iGhE1bUnAi8hKOdHPC2azk92MCjDUIbSrL-lY7kWpsQWoHE4_sQZGQgqA2
Frame ID: BC7327939D3DCECDDD8B79D748430ECC
Requests: 18 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CC&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=7733eb8f62ad4ce7cd2e185c9e81e164&wp=C&aid=161DEE4648F2FEF7&tid=142DD&s=45DC8&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: 728C4379362AE8B8DB389EC41A0F1EDA
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAABQa5IGLOUAxdu68EjAwJ9bi-SEgQ;rtbdata=AdYIqNMojIdJz4J0An17VccYgZBzo9QonjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4rf4aVIgcRidC0Rucr5OzjGDWf0XzjHpoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Frame ID: B38C5FF8F7B753922DFF171BC19FB788
Requests: 15 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CE&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=332df2b03308952302b630986ef28983&wp=C&aid=161DEE4648F2E1FB&tid=142DD&s=45DCA&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: 67262F12D89D30B65FF666690BEF71F6
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAACB9gF7Utgvvc-TYy8ePp7ZARmnlQ;rtbdata=AdYIqNMojIdJz4J0An17VRumHTXsKL4knjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5AEONAeEnO8dC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Frame ID: 23D58E112D8BDB0AB86583B7E498E02F
Requests: 14 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1D0&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=2c55fa8ebb44550bc197c3a75a7d7bd6&wp=C&aid=161DEE4648F2A409&tid=142DD&s=45DCC&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: 8048D11DFF08B02E1786E6E818FDE511
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAADjJnHwpr2T315OQh2oRgHbTVKwVw;rtbdata=AdYIqNMojIdJz4J0An17VcDd1kRVhoO2njySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4sVF4QF30-fdC0Rucr5OzjEBtO3JjOWqQLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Frame ID: 1754A950DE0E3DA291D1D5F11F62353B
Requests: 14 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1D1&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=202be1fa6c04d34eba48059b417e7fd4&wp=C&aid=161DEE4648F49B47&tid=142DD&s=45DCD&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: 4EE22BC4EDBB8F846F48429E89384A68
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAAB66qkiqvaJP84HJ1JL0fQs3Ezyiw;rtbdata=AdYIqNMojIdJz4J0An17VXsZSUc9B0pAnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4_yvambV6wAtC0Rucr5OzjMR4CN1jhQnILJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Frame ID: 84A6722F0EC580A66D03E6317B2ADFAA
Requests: 14 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: 9CAADF81387CA4A10CD519CBE21CA1B6
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: DDADEC017DDF4EA167BC14EC253D2802
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: 13BFA5810E88E020B4290BC705495CBE
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: 860BE35AE6B77DCCDF35CF430182DBB0
Requests: 1 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CD&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=8a44366f7a8c34f98f4ee6cd90bfa99c&wp=C&aid=161DEE4648F3B09A&tid=142DD&s=45DC9&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: 4A58D0EF8A60FCC4C900101DAE7BC634
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAACKp9t49y41lc-utsIf7wGdgqNSdA;rtbdata=AdYIqNMojIdJz4J0An17VdwKsiZm6-EknjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5tz7bL_R40W9C0Rucr5Ozj3TNgbvUZ6scLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Frame ID: F2A61B6BDC7E80733BD6DD5791336863
Requests: 15 HTTP requests in this frame

Frame: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CF&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=7bd439c2fb3abf095fce54c4c8b7d424&wp=C&aid=161DEE4648F4564B&tid=142DD&s=45DCB&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Frame ID: EAC6EF14D2FA0C2E91C1953E61BF4375
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAADdzktLPNS5GQHXHq0xDO1pDDVpPA;rtbdata=AdYIqNMojIdJz4J0An17VY7h-jRZo_GQnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c53FSoHyRoiGNC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Frame ID: 159E64DC7AAC9A0BDF5922E51744FE92
Requests: 14 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4CCC30248066D07535CCA44B8F818EEA
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 812E155ED45B31114A4AEEDC3868B5A0
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B84D49D635D4A153CD8BD2284935E1B1
Requests: 1 HTTP requests in this frame

Frame: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1
Frame ID: F5B55A5A25E1EB77EEA32266CEF8C5A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 02AE06D16FF06D28D8F746E1A4BC0F91
Requests: 1 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: 93302F96833B82425204FF512B359698
Requests: 3 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: 5B4DB2FA0E424825B1FB3CEA6C109E33
Requests: 3 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: E8CB74BBD366E3EA92B9087002B6FB3F
Requests: 3 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: 8BC3D44D536BFF89221CA35AA80D511A
Requests: 3 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: 394DE7003552C43059638CA7E69F350D
Requests: 2 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: 8FAEF4896C3D003C51F5400623F3B3C5
Requests: 2 HTTP requests in this frame

Frame: http://cdn.doubleverify.com/dv-measurements249.js
Frame ID: 62EA873F7BE6712E5B93B2A2854D3E92
Requests: 2 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: 3F82F9BF9F01E725C6C7D43B8A757DDD
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: E26B41E25E09112734F73624F7C99896
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: F9F63C31B3FE64C2D59A0CED850969A2
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: 1790EB9001342AD71170EF50D22098B6
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: F02936D0B024189C04F669C34DBC510A
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: C9ACF432C76EE292B5D4D50CDC106F64
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: 8DAB57E20D9C8BC0195D97F718BF58D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /WordPress( [\d.]+)?/i

vBulletin (Message Boards) Expand

Overall confidence: 100%
Detected patterns

env /^(?:vBulletin|vB_[^g])/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /WordPress( [\d.]+)?/i
env /^(?:vBulletin|vB_[^g])/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Lightbox (JavaScript Libraries) Expand

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

253
Requests

45 %
HTTPS

28 %
IPv6

37
Domains

57
Subdomains

65
IPs

7
Countries

2617 kB
Transfer

6846 kB
Size

2
Cookies

64 Outgoing links

These are links going to different origins than the main page.

URL: https://vbevents.venturebeat.com/sponsorpage
Title: Sponsor

Search URL Search Domain Scan URL

URL: https://docs.google.com/a/venturebeat.com/forms/d/1wtWn2vpDjjVFxX5_4c4Ztv5LFiyRXlokDl-_ZOsIav8/viewform
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/venturebeat/

Search URL Search Domain Scan URL

URL: https://twitter.com/venturebeat

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/venturebeat

Search URL Search Domain Scan URL

URL: https://flipboard.com/@VentureBeat?utm_campaign=tools&utm_medium=follow&action=follow&utm_source=duressjhfd.icu

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/venturebeat/SZYF

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/111356039646926014229/posts

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/researchers-expose-biases-in-datasets-used-to-train-ai-models/
Title: Researchers expose biases in datasets used to train AI models

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/22/california-grants-zoox-first-permit-to-transport-passengers-in-driverless-vehicles/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/reuters/
Title: Reuters

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/discord-raises-150-million-as-it-starts-establishing-its-pc-game-store/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/jeff-grubb/
Title: Jeff Grubb

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/ai-is-still-really-bad-at-writing-lyrics/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/kylewiggers/
Title: Kyle Wiggers

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/get-over-60-hours-of-adobe-creative-cloud-training-for-just-29/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/stackcommerce/
Title: VB Deals

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/att-plans-to-swap-lte-logo-with-5g-e-on-some-4g-android-phones/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/jeremy/
Title: Jeremy Horwitz

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/probeat-dxomarks-pixel-3-camera-score-shows-ai-isnt-enough/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/emil-protalinski/
Title: Emil Protalinski

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/ai-weekly-despite-fears-of-job-stealing-robots-ai-did-a-lot-of-good-this-year/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/if-bent-ipads-are-the-new-normal-apple-is-betraying-jobs-perfectionism/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/some-alexa-prize-chatbots-exposed-customer-data-talked-filth/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/ring-in-the-new-year-with-new-gear-giveaway/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/vb-staff/
Title: VB Staff

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/gamesbeat-summit-speakers-times-three-owen-mahoney-ryan-wyatt-scott-rupp/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/dean-takahashi/
Title: Dean Takahashi

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/the-deanbeat-my-favorite-games-of-2018/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/the-esports-monetization-opportunity-is-wide-open-heres-how-to-take-your-shot-vb-live/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/ottopias-remote-assistance-platform-for-autonomous-cars-combines-humans-with-ai/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/paul-sawers/
Title: Paul Sawers

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/londons-gatwick-airport-reopens-after-drone-saboteur-chaos/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/unikrn-launches-umode-skill-based-game-betting-platform-in-41-states/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/elite-dangerous-is-bigger-and-more-mysterious-than-its-ever-been/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/indian-government-to-intercept-monitor-and-decrypt-citizens-computers/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/manish-singh/
Title: Manish Singh

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/21/ibm-researchers-monitor-parkinsons-disease-with-fingernail-sensors/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/facebook-donates-1-million-to-support-wikipedia/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/niko-partners-chinese-regulators-have-resumed-certifying-mobile-games/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/cathworks-ffrangio-system-receives-u-s-fda-clearance/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/businesswire/
Title: Business Wire

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/google-apis-to-close-down-on-march-7-2019/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/invoicely-everything-freelancers-and-small-businesses-need-to-stay-on-track/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/apples-new-transparency-report-page-details-government-data-requests/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/zynga-will-buy-80-of-empires-puzzles-maker-small-giant-games-for-560-million/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/minecraft-marketplace-november-2018s-top-10-creations-here-comes-santa/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/this-ai-system-can-adjust-the-contrast-size-and-shape-of-images/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/slack-in-compliance-with-u-s-regulations-broadens-ban-on-users-in-sanctioned-nations/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/star-citizen-interview-why-chris-roberts-raised-another-46-million-to-finish-sci-fi-universe/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/google-home-tops-smart-speaker-iq-test-but-rivals-are-gaining/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/star-citizen-creator-cloud-imperium-games-raised-46-million-to-launch-big-game-in-2020/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/alexa-now-taps-wolfram-alpha-to-answer-science-questions/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/get-lifetime-access-to-slideshops-15000-slide-templates-for-30/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/author/vb-deals/
Title: VB Deals

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/protonmail-now-lets-you-import-emails-in-bulk-from-gmail-yahoo-and-others/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/cherry-labs-raises-5-2-million-for-ai-that-detects-when-elderly-users-trip-or-stumble/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/harvards-bugbot-now-walks-up-walls/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/appsflyer-app-ad-market-to-grow-136-to-64-1-billion-from-2017-to-2020/
Title:

Search URL Search Domain Scan URL

URL: https://venturebeat.com/2018/12/20/caavos-control-center-gains-support-for-ifttt/
Title:

Search URL Search Domain Scan URL

URL: https://vbevents.venturebeat.com/events/BlueprintYork
Title: BLUEPRINT:

Search URL Search Domain Scan URL

URL: https://vbevents.venturebeat.com/GamesBeatSummit2019
Title: GamesBeat Summit:

Search URL Search Domain Scan URL

URL: https://facebook.com/venturebeat

Search URL Search Domain Scan URL

URL: https://venturebeat.com/
Title: VentureBeat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://sync.tag.clrstm.com/pixel?pixel_id=985&brand_id=1172 HTTP 302
https://bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544

Request Chain 68

https://fpn.flipboard.com/pix/__fpn.gif?utm_source=http%3A%2F%2Fduressjhfd.icu%2F HTTP 307
https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fduressjhfd.icu%25252F&rh=http%253A%252F%252Fduressjhfd.icu%252F

Request Chain 69

http://b.scorecardresearch.com/b?c1=2&c2=6035753&ns__t=1545474809209&ns_c=UTF-8&cv=3.1&c8=VentureBeat%20%7C%20Tech%20news%20that%20matters&c7=http%3A%2F%2Fduressjhfd.icu%2F&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=2&c2=6035753&ns__t=1545474809209&ns_c=UTF-8&cv=3.1&c8=VentureBeat%20%7C%20Tech%20news%20that%20matters&c7=http%3A%2F%2Fduressjhfd.icu%2F&c9=

Request Chain 70

http://rules.quantcount.com/rules-p-UkS7f9ZMSZ6hP.js HTTP 301
https://rules.quantcount.com/rules-p-UkS7f9ZMSZ6hP.js

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1074615005&t=pageview&_s=1&dl=http%3A%2F%2Fduressjhfd.icu%2F&ul=en-us&de=UTF-8&dt=VentureBeat%20%7C%20Tech%20news%20that%20matters&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEADQ~&jid=930548124&gjid=903312837&cid=1960909408.1545474809&tid=UA-489886-1&_gid=1510907605.1545474809&_r=1&gtm=2wgbc0M5ZX2VT&cd3=C&z=635224031 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_gid=1510907605.1545474809&gjid=903312837&_v=j72&z=635224031 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_v=j72&z=635224031 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_v=j72&z=635224031&slf_rd=1&random=967473063

Request Chain 102

http://sync.tag.clrstm.com/pixel?pixel_id=1031&brand_id=1172 HTTP 302
http://bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544

Request Chain 155

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1 HTTP 302
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1

Request Chain 165

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&rnd=16407 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&rnd=16407

Request Chain 173

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=7345 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=7345

Request Chain 179

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=14658 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=14658

Request Chain 185

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=8433 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=8433

Request Chain 191

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=65904 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=65904

253 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
duressjhfd.icu/ 132 KB
133 KB 2431ms
2388ms Document
text/html 89.163.155.175
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 89.163.155.175 Hattersheim, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: mail.duressjhfd.icu
Software: Apache / PHP/5.3.3
Resource Hash: dcd65f68ba0f82f4b6602518271647d14263fcc676e3060157b1f319640e33e1

Request headers

Host: duressjhfd.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:32:38 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK css
fonts.googleapis.com/ 24 KB
2 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,600italic,400italic,700italic,800italic,700,300,400,600,800

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ab480c40525a72ed5918aed50500bbfd7a426f4bc57c4df859872d17e36c73ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Dec 2018 10:33:28 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Sat, 22 Dec 2018 10:33:28 GMT

GET
H2 200 /
venturebeat.com/_static/ 76 KB
14 KB 55ms
20ms Stylesheet
text/css 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://venturebeat.com/_static/??-eJxNjEEOwjAMBD9EahW13BBvSVIDpo4TxU6r/p5WCMRxd2cW1uJiFkMxSM0Vbg8ShRda8XGGlKfGqEByJyFDp7Fm5m/euqh6gr8Pe2La+SU4wVVBbTv0kLOpVV9c8IrdMf1Mksht2qG9gInUIHCOs2MK1dftc9ElksO4pWs/DuP5Mgxj/waLXEXX

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

539f267070b987e53676e9a85c44282779251bb27c553233baf503165a14e7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
content-encoding: gzip
x-rq: fra1 98 139 3232
last-modified: Thu, 20 Dec 2018 00:07:31 GMT
server: nginx
age: 196038
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 14274

GET
H2 200 Icon_Sprites_02.png
venturebeat.com/wp-content/themes/vb-news/brand/img/ 8 KB
8 KB 43ms
17ms Image
image/png 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/themes/vb-news/brand/img/Icon_Sprites_02.png

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

c09111b22d6807c379dd0bb9e5a83176072b8bb4066fa79547b614f225d075ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 73 3112
last-modified: Fri, 18 May 2018 23:19:52 GMT
server: nginx
age: 1558020
etag: "5aff5f98-2130"
strict-transport-security: max-age=31536000;
x-cache: hit
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8496
expires: Sun, 22 Dec 2019 10:33:28 GMT

GET
H2 200 zx_lombard_st2.png
venturebeat.com/wp-content/uploads/2018/12/ 21 KB
22 KB 33ms
8ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/zx_lombard_st2.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

17d5a993c5200b53af258bd78d243ba1eb36f1f465c51c4c93b9471da09271d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 93 443
last-modified: Sat, 22 Dec 2018 08:13:15 GMT
server: nginx
age: 8413
etag: "af4026526023e988"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 21888
expires: Sun, 22 Dec 2019 08:13:15 GMT

GET
H2 200 discord-store.png
venturebeat.com/wp-content/uploads/2018/10/ 9 KB
9 KB 8ms
8ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/10/discord-store.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

699e8e3bbc2cebf0b4daae49f70f9715a95f2800377b0a43603888a52badd870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Fri, 14 Dec 2018 16:05:57 GMT
server: nginx
age: 671251
etag: "9ba0649e88ab736c"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 9258
expires: Sat, 14 Dec 2019 16:05:57 GMT

GET
H2 200 music.jpg
venturebeat.com/wp-content/uploads/2018/09/ 4 KB
4 KB 19ms
7ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/09/music.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

bc862217960c96ec21d69cf6e8b0fefec24b8a563ded6223714fd3e689ec1d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Fri, 14 Dec 2018 19:25:20 GMT
server: nginx
age: 659288
etag: "a04ebd68ac76bdf9"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3994
expires: Sat, 14 Dec 2019 19:25:20 GMT

GET
H2 200 MSwI5pB.jpg
venturebeat.com/wp-content/uploads/2018/12/ 11 KB
11 KB 19ms
7ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/MSwI5pB.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

fb678340b778adf6c7f2ced35c886c8a08401dae444ec701d31bb860a9a36cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Fri, 21 Dec 2018 19:45:05 GMT
server: nginx
age: 53303
etag: "c3ea340a32401362"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 10852
expires: Sat, 21 Dec 2019 19:45:05 GMT

GET
H2 200 b26c3140-0f9e-4124-833c-483684e13b39.png
venturebeat.com/wp-content/uploads/2018/12/ 15 KB
15 KB 20ms
8ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/b26c3140-0f9e-4124-833c-483684e13b39.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

f6629015083fbbe923888d5d5bd1140da7d1960a735f3c6a59ad2fdf18911f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 18:56:00 GMT
server: nginx
age: 56248
etag: "6fb34469160c53be"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 15194
expires: Sat, 21 Dec 2019 18:56:00 GMT

GET
H2 200 Screen-Shot-2018-12-21-at-1.36.55-PM.jpg
venturebeat.com/wp-content/uploads/2018/12/ 7 KB
7 KB 25ms
13ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Screen-Shot-2018-12-21-at-1.36.55-PM.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

3594dddc4c1075dba2196d89a8a9c5b1fdc368b96d6a45aa9b9982e172fc3020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Fri, 21 Dec 2018 18:52:46 GMT
server: nginx
age: 56441
etag: "2ded42ef86b974d3"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 7008
expires: Sat, 21 Dec 2019 18:52:46 GMT

GET
H2 200 pixel-3-xl-camera-back.jpg
venturebeat.com/wp-content/uploads/2018/12/ 4 KB
5 KB 20ms
9ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/pixel-3-xl-camera-back.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

78a382b3bfcf3e21862b2f2a672624b3bb5581624ffe757ce01f777b105fa49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 93 443
last-modified: Fri, 21 Dec 2018 18:35:01 GMT
server: nginx
age: 57507
etag: "be482f1d96714cf8"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 4596
expires: Sat, 21 Dec 2019 18:35:01 GMT

GET
H2 200 girl-wheelchair-home.png
venturebeat.com/wp-content/uploads/2018/12/ 9 KB
9 KB 21ms
9ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/girl-wheelchair-home.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

365472f0ecba9ca97ae22732ee6125de17bc3c0283a493ec97c25ad4fded8559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Tue, 04 Dec 2018 09:57:30 GMT
server: nginx
age: 1557358
etag: "837643d1dc7e74de"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 8812
expires: Wed, 04 Dec 2019 09:57:30 GMT

GET
H2 200 Screen-Shot-2018-12-21-at-12.35.19-PM.jpg
venturebeat.com/wp-content/uploads/2018/12/ 4 KB
4 KB 20ms
9ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Screen-Shot-2018-12-21-at-12.35.19-PM.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

b3a48acc8e8f9e4c7f533b16ae1c0106e10e18205699f3c70dbd1fcfa6fc1825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 17:49:13 GMT
server: nginx
age: 60255
etag: "bfc37fa6adb4b513"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3604
expires: Sat, 21 Dec 2019 17:49:13 GMT

GET
H2 200 amazon-echo-red.jpg
venturebeat.com/wp-content/uploads/2018/10/ 4 KB
4 KB 24ms
13ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/10/amazon-echo-red.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

d64cce45f810456b0eb8a996f32964ea77cec7ec26b382641774653e11547257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Tue, 04 Dec 2018 11:41:12 GMT
server: nginx
age: 1551136
etag: "3848b2210dfcd9a2"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3738
expires: Wed, 04 Dec 2019 11:41:12 GMT

GET
H2 200 Intel-NUC-nobg.png
venturebeat.com/wp-content/uploads/2018/12/ 15 KB
15 KB 24ms
12ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Intel-NUC-nobg.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

0c0eebde13799aec2af6faea9ae78fa770d2edc940bd76c509186b2dcddba6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Fri, 21 Dec 2018 19:45:05 GMT
server: nginx
age: 53303
etag: "552622acccffd2cc"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 15046
expires: Sat, 21 Dec 2019 19:45:05 GMT

GET
H2 200 owen-mahoney.jpg
venturebeat.com/wp-content/uploads/2017/02/ 2 KB
3 KB 25ms
13ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2017/02/owen-mahoney.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

72369b3f50177912d56fb8625e467c343eec71d5f87d71008db98211e9a59199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 17:29:17 GMT
server: nginx
age: 61451
etag: "c399f9c1dd361171"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2472
expires: Sat, 21 Dec 2019 17:29:17 GMT

GET
H2 200 GB-Rewind-dean.jpg
venturebeat.com/wp-content/uploads/2018/12/ 14 KB
14 KB 26ms
14ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/GB-Rewind-dean.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

17fbbd9a5f64634aab44ac1a43ff36f33c19947693a1ed453607a1e6c3683e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Sat, 22 Dec 2018 00:47:38 GMT
server: nginx
age: 35150
etag: "788107eae76964d4"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 14242
expires: Sun, 22 Dec 2019 00:47:38 GMT

GET
H2 200 esports.GettyImages-1079528990.jpg
venturebeat.com/wp-content/uploads/2018/12/ 13 KB
13 KB 30ms
19ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/esports.GettyImages-1079528990.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

c77065166f85629d663d65008141bfcb9309ac44e4789cc8c805808f78effb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Fri, 21 Dec 2018 17:49:13 GMT
server: nginx
age: 60255
etag: "6308f16264196b4b"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 13492
expires: Sat, 21 Dec 2019 17:49:13 GMT

GET
H2 200 Our-Autonomous-Car.jpg
venturebeat.com/wp-content/uploads/2018/12/ 16 KB
16 KB 26ms
15ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Our-Autonomous-Car.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

594ed1b389a5618880ef2283e39157eb6a9bbd2782b138ed7bef33de1a3adbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Fri, 21 Dec 2018 15:08:52 GMT
server: nginx
age: 69876
etag: "76da0ad729dbf6e5"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 16498
expires: Sat, 21 Dec 2019 15:08:52 GMT

GET
H2 200 s4.reutersmedia.net_1.jpg
venturebeat.com/wp-content/uploads/2018/12/ 8 KB
8 KB 28ms
16ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/s4.reutersmedia.net_1.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

eee8f9a3dd1e0e1c29fb91b25a39ce52b381af05a6539e147c7e7e9146f346a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Fri, 21 Dec 2018 14:32:09 GMT
server: nginx
age: 72079
etag: "dfaadf080dc7a86d"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 7806
expires: Sat, 21 Dec 2019 14:32:09 GMT

GET
H2 200 UMode-landing-page.jpg
venturebeat.com/wp-content/uploads/2018/12/ 9 KB
9 KB 27ms
15ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/UMode-landing-page.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

b1002b157eb86eca4e17966f513674fe15ee1a6041949e58b0719ef59f74232e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Fri, 21 Dec 2018 14:17:14 GMT
server: nginx
age: 72974
etag: "b0bd1f698f57bcc4"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 8894
expires: Sat, 21 Dec 2019 14:17:14 GMT

GET
H2 200 Picture13.png
venturebeat.com/wp-content/uploads/2018/12/ 6 KB
6 KB 29ms
18ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Picture13.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

9bfcf44cec0aba349d09e5e69381cb4756b1be967b06324e1bef5fbb0a1e6997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 12:10:55 GMT
server: nginx
age: 80553
etag: "0e34a6b2de5deb70"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 6520
expires: Sat, 21 Dec 2019 12:10:55 GMT

GET
H2 200 india-technology.jpg
venturebeat.com/wp-content/uploads/2017/04/ 23 KB
23 KB 28ms
17ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2017/04/india-technology.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

241f202f1d13270d31ec74beb40f0c4bbe83d770594661bfef5283654328ddd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 11:57:13 GMT
server: nginx
age: 81375
etag: "6fc5f5324a39df98"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 23244
expires: Sat, 21 Dec 2019 11:57:13 GMT

GET
H2 200 fingernail_sensor_ibm.png
venturebeat.com/wp-content/uploads/2018/12/ 6 KB
6 KB 35ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/fingernail_sensor_ibm.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

d3eb45f84aa37cede88d23441d86ec2f1c7998d2c430e9e9baee139a454a6e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Fri, 21 Dec 2018 10:04:19 GMT
server: nginx
age: 88149
etag: "a80195aa95e32041"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 6148
expires: Sat, 21 Dec 2019 10:04:19 GMT

GET
H2 200 wikipedia-mobile.jpg
venturebeat.com/wp-content/uploads/2015/10/ 10 KB
10 KB 29ms
18ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2015/10/wikipedia-mobile.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

a8ab69a3f6ccb19ba0bf4c58b851cc44a19bec189fa6f6c6e536517144e95a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Fri, 21 Dec 2018 06:38:26 GMT
server: nginx
age: 100502
etag: "51d725d71bda15a2"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 10118
expires: Sat, 21 Dec 2019 06:38:26 GMT

GET
H2 200 chinajoy-mobile-games.jpg
venturebeat.com/wp-content/uploads/2014/08/ 16 KB
16 KB 35ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2014/08/chinajoy-mobile-games.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

1b68464c3a78eaab1170d22c5f8c7e05e5d4472bb97f4aeb046e7da75a5acbd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Tue, 04 Dec 2018 18:58:06 GMT
server: nginx
age: 1524922
etag: "944c9380e9b5dccd"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 15976
expires: Wed, 04 Dec 2019 18:58:06 GMT

GET
H2 200 BusinessWire_FeaturedImage.jpg
venturebeat.com/wp-content/uploads/2015/10/ 16 KB
17 KB 34ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2015/10/BusinessWire_FeaturedImage.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

f94fa7f03c86ef35e52bbc2595166af7ec64b4ad121a6ff656846c6fe56931d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 93 443
last-modified: Tue, 04 Dec 2018 09:59:29 GMT
server: nginx
age: 1557239
etag: "68abf1450b9288c7"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 16764
expires: Wed, 04 Dec 2019 09:59:29 GMT

GET
H2 200 Google-Plus.jpg
venturebeat.com/wp-content/uploads/2018/12/ 11 KB
11 KB 30ms
20ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Google-Plus.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

fc645e3de9fd2858a229aa311cdd99cddc1a9740ae85be019d096cd4a1cdd98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Thu, 20 Dec 2018 23:13:24 GMT
server: nginx
age: 127204
etag: "595c67c78c5db38c"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 11404
expires: Fri, 20 Dec 2019 23:13:24 GMT

GET
H2 200 home-office.shutterstock_753395833.jpg
venturebeat.com/wp-content/uploads/2018/12/ 13 KB
13 KB 32ms
22ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/home-office.shutterstock_753395833.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

95ce2a6bf4e941998bb7fc3a9509bb1596bafbfe714a22ea2a3e5cac303d4d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Thu, 20 Dec 2018 22:25:52 GMT
server: nginx
age: 130056
etag: "36aa73921d76964d"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 13060
expires: Fri, 20 Dec 2019 22:25:52 GMT

GET
H2 200 Screen-Shot-2018-12-20-at-3.55.32-PM.jpg
venturebeat.com/wp-content/uploads/2018/12/ 10 KB
10 KB 35ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Screen-Shot-2018-12-20-at-3.55.32-PM.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

4b9583ba27da3436d5010fe6e134779e09d92d2f0819bc467156684b7b740bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 93 443
last-modified: Thu, 20 Dec 2018 21:28:48 GMT
server: nginx
age: 133480
etag: "30d4a1b932694562"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 9962
expires: Fri, 20 Dec 2019 21:28:48 GMT

GET
H2 200 empires-puzzles.jpg
venturebeat.com/wp-content/uploads/2018/02/ 19 KB
20 KB 30ms
20ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/02/empires-puzzles.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

3e9e49639e66fdbde4ba888d9178139fce46c20603ce9dc1b4105ecefd8d8fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Thu, 20 Dec 2018 21:07:06 GMT
server: nginx
age: 134782
etag: "93f3c8b3447d79bb"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 19890
expires: Fri, 20 Dec 2019 21:07:06 GMT

GET
H2 200 WinterGifts.png
venturebeat.com/wp-content/uploads/2018/12/ 18 KB
18 KB 34ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/WinterGifts.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

434ec17b7a13904b342198aea47aa11c37eba1819fbb02362251e1f5cafe3cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Thu, 20 Dec 2018 20:03:17 GMT
server: nginx
age: 138610
etag: "ddcb29d01461b819"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 18212
expires: Fri, 20 Dec 2019 20:03:17 GMT

GET
H2 200 fbf8e2df-4ac7-4867-96e7-fa9160c8abfb.png
venturebeat.com/wp-content/uploads/2018/12/ 19 KB
19 KB 35ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/fbf8e2df-4ac7-4867-96e7-fa9160c8abfb.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

0aefd36617e2a42e90cd9f8783c1a062fc166af30db1deab4144a1de137a467d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Thu, 20 Dec 2018 19:31:34 GMT
server: nginx
age: 140514
etag: "1aa3891ab41f704d"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 19664
expires: Fri, 20 Dec 2019 19:31:34 GMT

GET
H2 200 IMG_6947.jpg
venturebeat.com/wp-content/uploads/2017/01/ 2 KB
3 KB 34ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2017/01/IMG_6947.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

e0c39332706a66dc7d4e4eabc862f5878628587923fc87fc75ea794a733679cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Thu, 20 Dec 2018 19:31:34 GMT
server: nginx
age: 140514
etag: "63b447310d8296be"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2482
expires: Fri, 20 Dec 2019 19:31:34 GMT

GET
H2 200 star-citizen-2.jpg
venturebeat.com/wp-content/uploads/2018/06/ 9 KB
9 KB 34ms
24ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/06/star-citizen-2.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

63582a6643285117afedb63037f7ee9ea5712632075d87d8d38e7c804654cb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Tue, 04 Dec 2018 15:03:51 GMT
server: nginx
age: 1538977
etag: "8c03cb293f992f50"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 9324
expires: Wed, 04 Dec 2019 15:03:51 GMT

GET
H2 200 loupai1.jpg
venturebeat.com/wp-content/uploads/2018/12/ 4 KB
5 KB 35ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/loupai1.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

2490bdcbf1b14155d82baeda2b19a0d9f1ea65176ec8f63cba0211520b0e727c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Thu, 20 Dec 2018 18:23:37 GMT
server: nginx
age: 144591
etag: "1e6db6553ff62e97"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 4558
expires: Fri, 20 Dec 2019 18:23:37 GMT

GET
H2 200 star-citizen-3-stealth-bomber.jpg
venturebeat.com/wp-content/uploads/2018/06/ 19 KB
19 KB 35ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/06/star-citizen-3-stealth-bomber.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

f8bca1acb3b0908c18c9d2de3bda258416116ae3658cd82c96a340f4d3fed636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Tue, 04 Dec 2018 12:03:42 GMT
server: nginx
age: 1549786
etag: "202afe4ba0faaeca"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 19098
expires: Wed, 04 Dec 2019 12:03:42 GMT

GET
H2 200 Echo-Sub-Black-Family-Room-1.jpg
venturebeat.com/wp-content/uploads/2018/11/ 8 KB
8 KB 35ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/11/Echo-Sub-Black-Family-Room-1.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

d99e7e29e860a6c72ad8aed7697834208690f06b4f69ccf15d817570b6e28247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 69 443
last-modified: Thu, 06 Dec 2018 20:01:21 GMT
server: nginx
age: 1348327
etag: "87eb0aa089ceaf10"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 8390
expires: Fri, 06 Dec 2019 20:01:21 GMT

GET
H2 200 xmuYFoT.jpg
venturebeat.com/wp-content/uploads/2018/12/ 4 KB
4 KB 30ms
22ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/xmuYFoT.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

c351eb35e70a8edb591f1a119951e40929fe5e5d714abf00cc761bb6e7c3e758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Thu, 20 Dec 2018 17:13:47 GMT
server: nginx
age: 148781
etag: "9f73439c5959a335"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3826
expires: Fri, 20 Dec 2019 17:13:47 GMT

GET
H2 200 ProotnMail-import.jpg
venturebeat.com/wp-content/uploads/2018/12/ 11 KB
11 KB 33ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/ProotnMail-import.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

f0f81c41caef384fb1832d8d8ecab44bc1104b2b2c05c8533add5f33e233ad34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Thu, 20 Dec 2018 17:13:47 GMT
server: nginx
age: 148781
etag: "851aa93ce960aa51"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 11592
expires: Fri, 20 Dec 2019 17:13:47 GMT

GET
H2 200 WallSensor.jpg
venturebeat.com/wp-content/uploads/2018/12/ 8 KB
8 KB 33ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/WallSensor.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

3150444160cd50ea6aff92a6d89ffaedc4091d95e7859d89fbc0d0e9325f26c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Thu, 20 Dec 2018 17:58:01 GMT
server: nginx
age: 146127
etag: "a04167e8bb6325ad"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 8036
expires: Fri, 20 Dec 2019 17:58:01 GMT

GET
H2 200 581341b4-2346-4bf6-b838-572e3cd60ace.png
venturebeat.com/wp-content/uploads/2018/12/ 15 KB
15 KB 33ms
26ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/581341b4-2346-4bf6-b838-572e3cd60ace.png?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

aea1ef3898cf302d58a561aa6b7fdbc1bae9cf6c9d9a26b6e137c18c950f7add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 131 443
last-modified: Thu, 20 Dec 2018 16:46:08 GMT
server: nginx
age: 150440
etag: "4560f0f9e43dbd71"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 15258
expires: Fri, 20 Dec 2019 16:46:08 GMT

GET
H2 200 appsflyer.jpg
venturebeat.com/wp-content/uploads/2018/12/ 8 KB
8 KB 32ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/appsflyer.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

a42f1e2803c128feddda9a3ab6420a9df9c76d9662e4434226cc573635e6bf8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Thu, 20 Dec 2018 16:37:20 GMT
server: nginx
age: 150968
etag: "80b5927bf54560a0"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 7804
expires: Fri, 20 Dec 2019 16:37:20 GMT

GET
H2 200 IMG_20180914_235113.jpg
venturebeat.com/wp-content/uploads/2018/09/ 3 KB
3 KB 30ms
22ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/09/IMG_20180914_235113.jpg?resize=285%2C180&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

5042256dc6dcf671500ec76287c84ab3d104654b25a571d21d8b4eb10f0eead8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 197 443
last-modified: Thu, 20 Dec 2018 16:34:07 GMT
server: nginx
age: 151161
etag: "126efdee171c9d6d"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2812
expires: Fri, 20 Dec 2019 16:34:07 GMT

GET
H2 200 Screen-Shot-2018-12-21-at-12.35.19-PM.jpg
venturebeat.com/wp-content/uploads/2018/12/ 4 KB
4 KB 32ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/Screen-Shot-2018-12-21-at-12.35.19-PM.jpg?resize=350%2C175&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

a021ce654376f84d0255e717434af4929d54c2bc23e44dae251915ab6c506165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 18:41:36 GMT
server: nginx
age: 57112
etag: "c11ec768225126d8"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3754
expires: Sat, 21 Dec 2019 18:41:36 GMT

GET
H2 200 india-technology.jpg
venturebeat.com/wp-content/uploads/2017/04/ 27 KB
27 KB 30ms
23ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2017/04/india-technology.jpg?resize=350%2C175&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

5b2090e5bfdcbe19a1a3be4caf24cbf1ce70a1d0ca14d22b305fdad6f0939bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 15:18:59 GMT
server: nginx
age: 69269
etag: "8e3c7ee0b576011c"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 27392
expires: Sat, 21 Dec 2019 15:18:59 GMT

GET
H2 200 fingernail_sensor_ibm.png
venturebeat.com/wp-content/uploads/2018/12/ 7 KB
7 KB 32ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/fingernail_sensor_ibm.png?resize=350%2C175&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

042bb9cee816e9f1234e87f992dadfaff2c083aad7caf07b4f9c99cb8bd03ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Fri, 21 Dec 2018 15:10:50 GMT
server: nginx
age: 69758
etag: "9e1eba4467fc49d0"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 6758
expires: Sat, 21 Dec 2019 15:10:50 GMT

GET
H2 200 wikipedia-mobile.jpg
venturebeat.com/wp-content/uploads/2015/10/ 10 KB
10 KB 32ms
26ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2015/10/wikipedia-mobile.jpg?resize=350%2C175&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

ee908d13aabb98ef1e87b0f9814752530d23829658c7f771f7aefc8546e6fa91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 98 133 443
last-modified: Fri, 21 Dec 2018 10:07:50 GMT
server: nginx
age: 87938
etag: "2b3ce28425790146"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 10280
expires: Sat, 21 Dec 2019 10:07:50 GMT

GET
H2 200 empires-puzzles.jpg
venturebeat.com/wp-content/uploads/2018/02/ 22 KB
22 KB 32ms
25ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/02/empires-puzzles.jpg?resize=350%2C175&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

56e79b5ae7a721d8e53a925474eed50775e12f796acf1b2c25489ad4ca637c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 102 93 443
last-modified: Thu, 20 Dec 2018 22:27:40 GMT
server: nginx
age: 129948
etag: "72aad4827a19b435"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 22276
expires: Fri, 20 Dec 2019 22:27:40 GMT

GET
H/1.1

200
OK

b=60766544
bcp.crwdcntrl.net/5/ct=y/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/
Redirect Chain

https://sync.tag.clrstm.com/pixel?pixel_id=985&brand_id=1172
https://bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544
https://bcp.crwdcntrl.net/5/ct=y/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544

49 B
977 B

78ms
77ms

Image
image/gif

54.171.229.6
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.229.6 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-229-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.7.61
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/5/ct=y/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544
Cache-Control: no-cache
X-Server: 10.26.15.96
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 flbuttons.min.js Show response
cdn.flipboard.com/web/buttons/js/ 7 KB
4 KB 69ms
8ms Script
application/javascript 2600:9000:200c:5c00:e:5a70:ca47:86e1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:5c00:e:5a70:ca47:86e1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e7ad8de87781f6ad65b36a7d3243b44d80dc182df6af076484a2bec85051550

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Dec 2018 19:37:43 GMT
content-encoding: gzip
last-modified: Wed, 11 Oct 2017 00:24:00 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:alee/gid:20/mode:33188/mtime:1507680760/atime:1507680783/md5:ec6e4306e5e274d25c4f9afde663da81/ctime:1507680760
age: 123879
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: DpIhDp8m1pOsrcZvRBJ3q7bc4Xx7kNUYcbEwpG18QMaVHEkip7bsRA==
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)

GET
H2 200 / Show response
venturebeat.com/_static/ 128 KB
44 KB 10ms
8ms Script
application/x-javascript 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://venturebeat.com/_static/??-eJyVj9EKwjAMRX/ILijd3sRPEdtFl9mmdW039/dGmC8qMiFwEzg3N4EpKmLrSosJeqlbwWFepOrTBgSwgTNyBl9UdOVCLBzmeLJXOIoZUiReyy6b/7GYQq4F4jMxZVTJDsG51zxX/nNT7tDLP6NRjFMCRwaezTf0d2jsQg68yMqkt0MV3oVsxXjw+22t612jdd30D3OmjKU=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

441f0c49b87a86734a4f4d56b139d06cbbfd64639fc844f473cb2b660891d27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
content-encoding: gzip
x-rq: fra1 96 211 3184
last-modified: Thu, 20 Dec 2018 00:07:19 GMT
server: nginx
age: 194766
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 44398

GET
H2 200 e-201851.js Show response
stats.wp.com/ 8 KB
3 KB 14ms
8ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201851.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 32055d9b971d8d2401fef1314f3ab521670dc4d913c65e27279aaa0b85f57e5e

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
content-encoding: gzip
server: nginx
etag: W/"5bffef4d-331d"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 16 Dec 2019 08:56:12 GMT

GET
H/1.1 200
OK 26020867-1244.js Show response
biddr.brealtime.com/ 535 KB
112 KB 85ms
38ms Script
text/javascript 104.24.246.16
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://biddr.brealtime.com/26020867-1244.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 104.24.246.16 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61bc6f5f174b49a543ba8a4076030645cb575d7817a9b457b0f25f74fa27cdb

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 03 Dec 2018 22:34:38 GMT
Server: cloudflare
x-amz-request-id: 7A1EC225307A1243
ETag: W/"76ccba07b28e53be7ec57e7f7c3d4588"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 48d1ee3437f4723b-AMS
x-amz-id-2: 3Tj+IL92TE0Znp69MI19gDqohtD0VSJbhWvwuiZk9rYHTVDfO3UQUGCeZur10uq45JS55KEX/ng=
Expires: Sat, 22 Dec 2018 10:34:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 4749
date: Sat, 22 Dec 2018 09:14:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Sat, 22 Dec 2018 11:14:19 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 28 KB
10 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "28 / 295 of 1000 / last-modified: 1544734874"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 9687
X-XSS-Protection: 1; mode=block
Expires: Sat, 22 Dec 2018 10:33:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
28 KB 22ms
16ms Script
application/javascript 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5ZX2VT

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

f27722c497f45a369c04808b55c7eb23272f4ceab17a465bc0df613f39d55fb1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28788
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:28 GMT

GET
H2 200 ping.js Show response
www.stack-sonar.com/ 8 KB
9 KB 84ms
14ms Script
application/javascript 143.204.101.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stack-sonar.com/ping.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.65 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26aef7ee36786de3a601fa9a33fe054b4a5159d51fd2508028b84ec089150ea8

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:32:11 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 20 Dec 2018 18:28:13 GMT
server: AmazonS3
age: 87
etag: "36feaa1f34d295308432751bd0076aeb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 8355
x-amz-cf-id: aKTuhE2meitaG4E5Jr-HPVyzuobeVzusekKiz2mXppOduAE5P82N3A==

GET
H/1.1 200
OK aquant.js Show response
pixel.quantserve.com/ 12 KB
6 KB 79ms
22ms Script
application/x-javascript 3.8.42.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.quantserve.com/aquant.js?a=p-UkS7f9ZMSZ6hP
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 3.8.42.50 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-8-42-50.eu-west-2.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22-Dec-2018 10:33:29 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Sat, 29 Dec 2018 10:33:29 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 79ms
22ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Sun, 23 Dec 2018 10:33:29 GMT

GET
H/1.1 200
OK lightbox_inline.js Show response
www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/ 2 KB
2 KB 340ms
314ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/lightbox_inline.js?mb=1545474808950
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e30b053f0aeeb71ade1da5c70dc663c623f9ce8374ae89f770ed6a1034706a7

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Content-MD5: 20fsEMY8IQ6QS6TlpTuksw==
Cf-Polished: origSize=2379
Transfer-Encoding: chunked
Connection: keep-alive
x-ms-lease-status: unlocked
Last-Modified: Thu, 20 Dec 2018 00:29:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 9cd23eea-b01e-0095-4585-9834f2000000
x-ms-version: 2009-09-19
CF-RAY: 48d1ee34309964d5-FRA
Cf-Bgj: minify

GET
H2 200 b26c3140-0f9e-4124-833c-483684e13b39.png
venturebeat.com/wp-content/uploads/2018/12/ 64 KB
64 KB 21ms
20ms Image
image/webp 192.0.66.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2018/12/b26c3140-0f9e-4124-833c-483684e13b39.png?resize=1156%2C450&strip=all

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

783cbd70b0406ef85b18d678acac19392b47ded9363be8778a6c87a5c01dda46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:28 GMT
x-rq: fra1 96 195 443
last-modified: Sat, 22 Dec 2018 06:02:20 GMT
server: nginx
age: 16267
etag: "05d89cb20dea0ce5"
vary: Accept
x-cache: hit
content-type: image/webp
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 65600
expires: Sun, 22 Dec 2019 06:02:20 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,600italic,400italic,700italic,800italic,700,300,400,600,800
Origin: http://duressjhfd.icu

Response headers

Date: Fri, 21 Dec 2018 05:46:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 21:49:46 GMT
Server: sffe
Age: 103647
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 8892
X-XSS-Protection: 1; mode=block
Expires: Sat, 21 Dec 2019 05:46:01 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,600italic,400italic,700italic,800italic,700,300,400,600,800
Origin: http://duressjhfd.icu

Response headers

Date: Thu, 20 Dec 2018 06:53:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 21:49:39 GMT
Server: sffe
Age: 186001
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 8800
X-XSS-Protection: 1; mode=block
Expires: Fri, 20 Dec 2019 06:53:27 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,600italic,400italic,700italic,800italic,700,300,400,600,800
Origin: http://duressjhfd.icu

Response headers

Date: Fri, 21 Dec 2018 05:42:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 21:49:48 GMT
Server: sffe
Age: 103839
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 8916
X-XSS-Protection: 1; mode=block
Expires: Sat, 21 Dec 2019 05:42:49 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 34 KB
14 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P7TNBBC&cid=1960909408.1545474809

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

e12bce95e4fe605db7138898e6d70212eeb73e9d8b038b01ba27f53b1d572bfe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:29 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 13809
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=duressjhfd.icu

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=duressjhfd.icu

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
63 KB 42ms
42ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:29 GMT

GET
H2

200

__fpn.gif
fpn.flipboard.com/tr/
Redirect Chain

https://fpn.flipboard.com/pix/__fpn.gif?utm_source=http%3A%2F%2Fduressjhfd.icu%2F
https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fduressjhfd.icu%25252F&rh=http%253A%252F%252Fduressjhfd.icu%252F

35 B
341 B

7ms
6ms

Image
image/gif

2600:9000:200c:600:14:85db:2b40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fduressjhfd.icu%25252F&rh=http%253A%252F%252Fduressjhfd.icu%252F
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:600:14:85db:2b40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 05:07:39 GMT
via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2017 18:19:12 GMT
server: AmazonS3
age: 69526
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 35
x-amz-cf-id: NLGORnOHrqlUOphV7Cb_jZ2PSap0Abd7nEfhb39rabrWuzbPBx2N8g==

Redirect headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:29 GMT
via: 1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
server: CloudFront
location: /tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fduressjhfd.icu%25252F&rh=http%253A%252F%252Fduressjhfd.icu%252F
x-cache: LambdaGeneratedResponse from cloudfront
status: 307
cache-control: no-cache, no-store, must-revalidate
content-length: 0
x-amz-cf-id: e--nHxDCl6jqXzQT8v6aLsROvI_TkwvDF5BWYiPiMT-Ue1bF5tVh_A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=2&c2=6035753&ns__t=1545474809209&ns_c=UTF-8&cv=3.1&c8=VentureBeat%20%7C%20Tech%20news%20that%20matters&c7=http%3A%2F%2Fduressjhfd.icu%2F&c9=
http://b.scorecardresearch.com/b2?c1=2&c2=6035753&ns__t=1545474809209&ns_c=UTF-8&cv=3.1&c8=VentureBeat%20%7C%20Tech%20news%20that%20matters&c7=http%3A%2F%2Fduressjhfd.icu%2F&c9=

0
248 B

82ms
21ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=2&c2=6035753&ns__t=1545474809209&ns_c=UTF-8&cv=3.1&c8=VentureBeat%20%7C%20Tech%20news%20that%20matters&c7=http%3A%2F%2Fduressjhfd.icu%2F&c9=
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.16.186.51 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=2&c2=6035753&ns__t=1545474809209&ns_c=UTF-8&cv=3.1&c8=VentureBeat%20%7C%20Tech%20news%20that%20matters&c7=http%3A%2F%2Fduressjhfd.icu%2F&c9=
Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rules-p-UkS7f9ZMSZ6hP.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-UkS7f9ZMSZ6hP.js
https://rules.quantcount.com/rules-p-UkS7f9ZMSZ6hP.js

5 KB
2 KB

33ms
9ms

Script
application/x-javascript

2600:9000:200c:4a00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UkS7f9ZMSZ6hP.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:4a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 573f38ce544a609c1edca6ffbc48e3714589b422640bdf50c8a221e4fb17a78d

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:11:13 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 21:03:55 GMT
server: AmazonS3
age: 1603
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: CJThZwst3ffCSX3LhlHlQ31wOhGqummLi74Bx5yuWvRd5j54wLOdFw==
via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)

Redirect headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Via: 1.1 c1b77f069e81fd54b56ee92a790a3e9b.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-UkS7f9ZMSZ6hP.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: hr7454IyVOcLWHF1AuPelVyfbDelMCm6bobrEClj5eEXGd1DvT-sNw==

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 35ms
12ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A6.8.1&blog=126020344&post=0&tz=-8&srv=venturebeat.com&host=duressjhfd.icu&ref=&rand=0.9241904063671724
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H/1.1 204
No Content event
api.stack-sonar.com/v1/ 0
176 B 419ms
97ms Image
text/plain 52.73.122.138
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.stack-sonar.com/v1/event?ts=1545474808937&_v=1.1.4&_c=stack-connect-wp&_a=7ede8496-0dc2-4ecf-a992-7ca086fc773e&_f=208040494&_u=http%3A%2F%2Fduressjhfd.icu%2F&_r=&_x=0&_l=&_p=0&_z=1545474809252.1635920985&_y=1545474809254.1114956615&_t=1545474809&_s=send&_e=session-start
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.122.138 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-122-138.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.12.1
Connection: keep-alive
Vary: Origin

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1074615005&t=pageview&_s=1&dl=http%3A%2F%2Fduressjhfd.icu%2F&ul=en-us&de=UTF-8&dt=VentureBeat%20%7C%20Tech%20news%20that%20matters&sd=24-bit&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_gid=1510907605.1545474809&gjid=903312837&_v=j72&z=635224031
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_v=j72&z=635224031
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_v=j72&z=635224031&slf_rd=1&random=967473063

42 B
109 B

30ms
16ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_v=j72&z=635224031&slf_rd=1&random=967473063

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-489886-1&cid=1960909408.1545474809&jid=930548124&_v=j72&z=635224031&slf_rd=1&random=967473063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lightbox.js Show response
www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/ Frame 46C7 321 B
732 B 16ms
15ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/lightbox.js?mb=1545474809406&lv=1
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 986d9ed3ba172123cb10337f060844b5dd4b0067862fd8ca938b471135e0e058

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Cf-Bgj: minify
Server: cloudflare
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 48d1ee36d19f64d5-FRA

GET
H/1.1 200
OK pixel;r=569340571;labels=Channel.home%2CArticle%20Title.California%20grants%20Zoox%20first%20permit%20to%20transport%20passengers%20in%20driverless%20vehicles;rf=0;uh=65ce955d6ae6;a=p-UkS7f9ZMSZ6hP...
pixel.quantserve.com/ 35 B
479 B 19ms
18ms Image
image/gif 3.8.42.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.quantserve.com/pixel;r=569340571;labels=Channel.home%2CArticle%20Title.California%20grants%20Zoox%20first%20permit%20to%20transport%20passengers%20in%20driverless%20vehicles;rf=0;uh=65ce955d6ae6;a=p-UkS7f9ZMSZ6hP;url=http%3A%2F%2Fduressjhfd.icu%2F;fpan=1;fpa=P0-321948031-1545474809416;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1545474809415;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.California%20grants%20Zoox%20first%20permit%20to%20transport%20passengers%20in%20driverless%20vehicl%2Cdescription.VentureBeat%20is%20the%20leading%20source%20for%20latest%20technology%20news%252E%20We%20give%20context%20to%2Curl.https%3A%2F%2Fventurebeat%252Ecom%2F%2Csite_name.VentureBeat
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 3.8.42.50 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-8-42-50.eu-west-2.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK check.js Show response
biddr.brealtime.com/ Frame C754 628 B
1 KB 62ms
22ms Script
application/javascript 104.24.247.16
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://biddr.brealtime.com/check.js
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 104.24.247.16 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bbca33aef1072be52f91c7ee211a6e64a95afdc1a717061ead67ca4ec14b5ec

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 01 Oct 2018 16:42:50 GMT
Server: cloudflare
x-amz-request-id: FC7800AC26A74224
ETag: W/"e26b4c06d7ee284c49b355d1563b45b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 48d1ee37417d6ac7-LHR
x-amz-id-2: HRFdsJFXmNgkppLJqbFxo75RbD1gus8J4tMGGCclHFEkKUmBLSftgZ3GxibkzmFocKzlgZWweis=
Expires: Sat, 22 Dec 2018 10:34:29 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 372 B
790 B 150ms
70ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F1038375%2Fa0-p1-s2%7C2335bb6b9adf09%22%3A%22300x250%22%2C%22%2F1038375%2Fa0-p2-s2%7C36f646c062ffa3%22%3A%22300x250%22%2C%22%2F1038375%2Fa0-p3-s2%7C41ed41285d7cc7%22%3A%22300x250%22%2C%22%2F1038375%2Fa0-p4-s2%7C56a094837721cd%22%3A%22300x250%22%2C%22%2F1038375%2Fa0-p5-s2%7C66ca8d030eb61e%22%3A%22300x250%22%2C%22%2F1038375%2Fa0-p5-s2%7C762fdecc8b8ef%22%3A%22300x250%22%2C%22%2F1038375%2Fa1-p1-s1%7C8d09973bd9890e%22%3A%22728x90%2C970x250%2C970x90%22%2C%22%2F1038375%2Fa1-p1-s1%7C9253b4b2ebf1ab%22%3A%22300x1050%2C300x600%2C300x250%22%2C%22%2F1038375%2Fa0-p7-s2%7C109efbfcd6b37d3%22%3A%22300x250%22%7D&ref=http%3A%2F%2Fduressjhfd.icu%2F&s=0fe78011-761d-4f99-9ff8-7ca3f5102155&pv=17aef114-f4d3-41f4-843f-5e19c3efc307&vp=desktop&lib_name=prebid&lib_v=3.9.3&us=5&

Requested by

Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3f18c48166c4fab53b352173d0be42319cdbd1a2d8a447d453b8185305e7ab45

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 203
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as.casalemedia.com/ 7 KB
6 KB 267ms
179ms XHR
application/json 2.16.186.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://as.casalemedia.com/cygnus?s=286152&v=7.2&r=%7B%22id%22%3A%221171a86994d1075%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221269b7ef0dc81bf%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286152%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2213103c1a1047213%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286153%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2214094460e19f527%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286154%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22151677901e1fcca%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286155%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%221665511af4c5cb2%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286156%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%221795ba4bcd39f15%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286157%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2218451ca76bef1c%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286158%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%22191984df9244b6e%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286158%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22203a4b74cda644f%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286158%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22216585808c94747%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%221%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22224d765c25710f3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22286159%22%2C%22sid%22%3A%22300x1050%22%7D%7D%2C%7B%22id%22%3A%222330a04e30a70de%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%221%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fduressjhfd.icu%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 2.16.186.107 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-107.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7af7a15ebe1c1d6774914d3dcce02ef009230a619571709b877abedf9996ce30

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 5202
Expires: Sat, 22 Dec 2018 10:33:29 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 79ms
15ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=61cd4f48-d63f-41da-92f1-680afb8cab05&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.48199563760549835
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 28a5a0d9dcdc8163f5a091e0f352cb31e7bcc81988962e57e7c5f075670a8e56

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 80ms
16ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=6c1bdf56-5063-4baf-ab48-5b8bd609ad40&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.2678922875449474
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4da70a4226a112b27f1c6331e411d3ac85c6a7be51d6a5d23eafd9cb4afadf8a

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 79ms
15ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=4dd8c447-f55f-4e5f-bbee-a7c53f095e8b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.43624750541757873
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 6912876aedbf9a807113a3383b7f0fbe009e6e4ea24466028c8e8034bf41aa19

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 102ms
40ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=1d3fd019-7425-4f64-9933-a6bd5373dab4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.09573032880258481
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d308a9f9a76eacaebd0659717d712a55fe91bda9ce2248eb9ed953fd40e3f725

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 89ms
26ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=ce99c6e1-1d44-46f9-9f70-d8758e580473&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.83128209593086
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 3e3b146e0fb9535ab28473eb8638d74f3ab1aca9bbe2c121b7d4a7c8c84fae2f

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 79ms
17ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=12de949d-3985-48e5-8e3f-c33201a38f3f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.6871303784001834
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 09e92136722cc5bc66678fe84632704c496f0a6a71c863b645931970e11c7518

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=7
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 281 B
1 KB 105ms
26ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=32fc30b8-39f3-47bb-adbf-b8be2d02c3e8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.02496498697478522
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d06275a0a1ee6c1ba3352d8f753b2abbe98bdeeb529c5a4fa2c6778e34c13ef9

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 302 B
1 KB 102ms
22ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&alt_size_ids=10%2C54&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=cb9afbde-16d5-48d7-ad18-5298acded752&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.3209494332153684
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: c23fbd02a1977a17f5fc2d61d9623ee513ed2085df62925d799c473537aae193

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 302
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 106ms
26ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12778&site_id=99922&zone_id=479222&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fduressjhfd.icu%2F&tk_flint=pbjs_lite_v3.9.3&x_source.tid=3c6cb183-c382-4f10-abd2-667488bc7162&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.013531129449429802
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 312396dcd8b00e40f8582d975d9781ba4f16b704ca4bde4369325868cec555d1

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/78036/0/ 0
690 B 193ms
154ms XHR
text/plain 204.2.250.100
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.1rx.io/rmp/78036/0/mvo?z=1r&domain=duressjhfd.icu&url=http%3A%2F%2Fduressjhfd.icu%2F&title=VentureBeat%20%7C%20Tech%20news%20that%20matters&dsh=1200&dsw=1600&tz=0&dtype=2&flash=0&hbv=3.9.3%2C1.0.1&imp=%2F1038375%2Fa0-p1-s2%2C%2F1038375%2Fa0-p2-s2%2C%2F1038375%2Fa0-p3-s2%2C%2F1038375%2Fa0-p4-s2%2C%2F1038375%2Fa0-p5-s2%2C%2F1038375%2Fa0-p6-s2%2C%2F1038375%2Fa1-p1-s1%2C%2F1038375%2Fa1-p1-s2%2C%2F1038375%2Fa0-p7-s2&w=300%2C300%2C300%2C300%2C300%2C300%2C728%7C970%7C970%2C300%7C300%7C300%2C300&h=250%2C250%2C250%2C250%2C250%2C250%2C90%7C250%7C90%2C1050%7C600%7C250%2C250&floor=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&t=d%2Cd%2Cd%2Cd%2Cd%2Cd%2Cd%2Cd%2Cd&
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 204.2.250.100 North Fort Myers, United States, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
1rsrv: ams-rmx-39.rhythmxchange.com
Keep-Alive: timeout=120
Expires: Sat, 22 Dec 2018 05:33:31 EST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 60ms
23ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js

Protocol

HTTP/1.1

Server

185.33.223.206 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

201fa9340d59e94de161d7a1dbecd7842b41d6b3b16989ba1247721a62bb5a9e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 22 Dec 2018 10:33:31 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.220.70.225; 185.220.70.225; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.14:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 474aa77b-bd1e-4afb-9912-0a9b7338a6a5
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 77ms
40ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js

Protocol

HTTP/1.1

Server

185.33.223.206 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

9ea0faf2840fbbe21ffdff4385c005614968d2e7885a5d45bc9bc074971aab4d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 22 Dec 2018 10:33:31 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.220.70.225; 185.220.70.225; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.237:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4f005fe9-e351-4af9-8561-98dae9367e31
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK arj Show response
venturebeat-d.openx.net/w/1.0/ 172 B
740 B 169ms
112ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://venturebeat-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fduressjhfd.icu%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.4&dddid=61cd4f48-d63f-41da-92f1-680afb8cab05%2C6c1bdf56-5063-4baf-ab48-5b8bd609ad40%2C4dd8c447-f55f-4e5f-bbee-a7c53f095e8b%2C1d3fd019-7425-4f64-9933-a6bd5373dab4%2Cce99c6e1-1d44-46f9-9f70-d8758e580473%2C12de949d-3985-48e5-8e3f-c33201a38f3f%2C32fc30b8-39f3-47bb-adbf-b8be2d02c3e8%2Ccb9afbde-16d5-48d7-ad18-5298acded752%2C3c6cb183-c382-4f10-abd2-667488bc7162&nocache=1545474809472&aus=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C728x90%2C970x250%2C970x90%7C300x1050%2C300x600%2C300x250%7C300x250&divIds=%252F1038375%252Fa0-p1-s2%2C%252F1038375%252Fa0-p2-s2%2C%252F1038375%252Fa0-p3-s2%2C%252F1038375%252Fa0-p4-s2%2C%252F1038375%252Fa0-p5-s2%2C%252F1038375%252Fa0-p6-s2%2C%252F1038375%252Fa1-p1-s1%2C%252F1038375%252Fa1-p1-s2%2C%252F1038375%252Fa0-p7-s2&auid=540223927%2C540223928%2C540223929%2C540223930%2C540223931%2C540223932%2C540223917%2C540223926%2C540223933&
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: a3f5cb758d5c1eb7426627ec31a3b8894a0dc53cff4affc2381583cd3751c9cc

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
Server: OXGW/16.117.2
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json
Transfer-Encoding: chunked
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=10647de882d03b7b;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 47 B
418 B 185ms
116ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=10647de882d03b7b;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: c8a57d46ecdea2f9b6c44ad173b55a269b12243dcf455817b37b5a1913b343ff

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 47
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=10756ee9c248de1c;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 48 B
419 B 188ms
119ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=10756ee9c248de1c;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: f5f5c0769d6387257e427aeb5968a97d9021b4cd2fba181fccbc0fa6a2dc102e

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=1088aa545372ab36;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 48 B
419 B 186ms
117ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1088aa545372ab36;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: da36e0d1c5201e5171432444d8c3bc8e1f603d822f59978d2a1a561dd376d7bf

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=1093776f3d67a898;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 48 B
419 B 294ms
225ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1093776f3d67a898;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b6395e5a708ab6e29f37df37439be682d4a1770720643814f6e63f5dceeae542

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=11095e72a506984a;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 48 B
419 B 199ms
127ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11095e72a506984a;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 5c8735fe16a9ebf8d932a5b6d71a47aa29ea523a9c76fd750a2764117aee977d

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=1114c4991ddb0326;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 48 B
419 B 301ms
117ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1114c4991ddb0326;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 39006f0615c356df39cf7e2c143a99a09610355ff5bde65899f298983a7f863f

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=112e52c6c7905766;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861862/0/0/ 48 B
419 B 312ms
127ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861862/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=112e52c6c7905766;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 2a96c24ce951e1ee44b49babdd152dddea60f458ea37d20906fbae0c224bea95

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK ADTECH;v=2;cmd=bid;cors=yes;alias=1131f644d6c03c88;misc=1545474809474; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ 48 B
419 B 301ms
119ms XHR
application/json 152.195.15.114
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver-us.adtech.advertising.com/pubapi/3.0/10132.1/4861861/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1131f644d6c03c88;misc=1545474809474;
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8150271012f78364f9423e56bf9ee8ca72ab98383687515a3f9eea15392c2849

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
Server: Adtech Adserver
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
Content-Length: 48
Expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 47 B
2 KB 55ms
16ms XHR
application/json 72.251.249.13
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/rtb/bid?src=biddr.git_prebid_3.9.3
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b231a902d566a8bca35f53f9a78eebf160ccb8b8c155e4b8c89cf7f0470ca54

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 22 Dec 2018 10:33:29 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://duressjhfd.icu
Transfer-Encoding: chunked
X-Sovrn-Pod: ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 90ms
63ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js

Protocol

HTTP/1.1

Server

185.33.223.206 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

a6177930c490ae5c08501ba781abb8426277ea34d3b170c020e9a110d3ba86f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 22 Dec 2018 10:33:31 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.220.70.225; 185.220.70.225; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.10:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 942d9f41-89e0-4b6a-be29-7a235df4ce12
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

b=60766544
bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/
Redirect Chain

http://sync.tag.clrstm.com/pixel?pixel_id=1031&brand_id=1172
http://bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544

49 B
483 B

107ms
63ms

Image
image/gif

34.255.138.125
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 34.255.138.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-255-138-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:29 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.23.202
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: http://bcp.crwdcntrl.net/5/c=4827/tp=IPON/tpid=05ba5056-05d5-11e9-823d-0242ac110002/b=60766544
Date: Sat, 22 Dec 2018 10:33:29 GMT
Cache-Control: must-revalidate,no-cache,no-store
Server: Jetty(9.4.z-SNAPSHOT)
Connection: keep-alive
Content-Length: 312
Content-Type: text/html;charset=iso-8859-1

GET
H/1.1 200
OK user.js Show response
www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/ Frame 46C7 1 MB
159 KB 1412ms
1411ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272
Requested by: Host: www.lightboxcdn.com
URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/lightbox.js?mb=1545474809406&lv=1
Protocol: HTTP/1.1
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ee839db63e3ac5a4bd9c1b2602b7f5eb355a45d3495c8d640872b53f0990b2

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Content-MD5: pD9SZ08aCKhCncBJyxvwZA==
Transfer-Encoding: chunked
Connection: keep-alive
x-ms-lease-status: unlocked
Last-Modified: Thu, 20 Dec 2018 00:29:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
x-ms-request-id: 3ef7b33c-c01e-0134-6de1-99bc3c000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
CF-RAY: 48d1ee3741d264d5-FRA
Expires: Sun, 22 Dec 2019 10:33:29 GMT

GET
H/1.1 200
OK / Show response
e1.emxdgt.com/sync/ Frame C754 603 B
1 KB 50ms
8ms Script
application/javascript 18.195.155.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://e1.emxdgt.com/sync/
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/check.js
Protocol: HTTP/1.1
Server: 18.195.155.181 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 002ffa7b6ffc7bf82c987ea628aa6eda1c0c31eb81dd99437e8121d3fbbc060d

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:28 GMT
Connection: Keep-Alive
Content-Length: 603
Content-Type: application/javascript

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
9 KB 255ms
255ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1360987412214399&correlator=3191881706076685&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061763&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu_parts=1038375%2Ca1-p2-s0%2Ca1-p1-s1%2Ca0-p1-s2%2Ca0-p3-s2%2Ca0-p5-s2%2Ca0-p6-s2%2Ca0-p7-s2%2Ca0-p8-s2%2Ca0-p9-s2%2Ca1-p1-s2%2Ca0-p2-s2%2Ca0-p4-s2%2CROS_Skin%2CROS_HB%2CHomepage_River_PP&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=1000x1%2C728x90%7C970x90%7C970x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600%7C300x1050%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1&prev_scp=pv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.07%26hb_adid%3D191984df9244b6e%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.08%26hb_adid%3D1269b7ef0dc81bf%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.08%26hb_adid%3D14094460e19f527%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.08%26hb_adid%3D1665511af4c5cb2%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.08%26hb_adid%3D1795ba4bcd39f15%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.08%26hb_adid%3D13103c1a1047213%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%26hb_pb%3D0.08%26hb_adid%3D151677901e1fcca%26hb_bidder%3Dix%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7Cpv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC%7CntvPlacement%3D1097464%26pv%3Dfirst%26env%3Dproduction%26page_type%3Dfront_door%26session%3DC&eri=1&cookie_enabled=1&bc=7&abxe=1&lmt=1545474809&dt=1545474809936&dlt=1545474808869&idt=459&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C429%2C478%2C478%2C478%2C478%2C478%2C478%2C478%2C958%2C958%2C958%2C792%2C792%2C792&adys=0%2C87%2C1107%2C2718%2C4329%2C5940%2C7562%2C9173%2C10784%2C682%2C2067%2C2482%2C11671%2C11693%2C11715&adks=85756380%2C431166925%2C1916945211%2C3732036190%2C2035968249%2C748879633%2C3164480471%2C3820942026%2C3294527768%2C1345341363%2C4287065138%2C2457661167%2C2750469632%2C250860996%2C1344860228&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fduressjhfd.icu%2F&dssz=35&icsg=133760&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x11716%7C970x130%7C600x10828%7C600x10828%7C600x10828%7C600x10828%7C600x10828%7C600x10828%7C600x10828%7C300x250%7C300x250%7C300x250%7C1585x11716%7C1585x11716%7C1585x11716&msz=1600x400%7C970x-1%7C600x271%7C600x271%7C600x271%7C600x271%7C600x271%7C600x271%7C600x271%7C300x250%7C300x250%7C300x250%7C1585x22%7C1585x22%7C1585x22&ga_vid=1577763315.1545474810&ga_sid=1545474810&ga_hid=1074615005&fws=128%2C4%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

661a88fc1bbdbe73718f04688c7c482b472292a7b62c8cde74f0bd03715d046f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8678
x-xss-protection: 1; mode=block
google-lineitem-id: -2,4740851457,4740850017,4740850017,4740850017,4740850017,-1,-1,-1,-1,4740850017,4740850017,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138238923882,138238923897,138238931396,138238923882,138238923888,-1,-1,-1,-1,138238923900,138238931471,-2,-2,-2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://duressjhfd.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ 57 KB
22 KB 49ms
41ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 13ms
6ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame 42D6 0
0 50ms
16ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=DC3A63&r=E303D1D3&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=1c775ea0ef34a5ccfb2ea58966b69c56&wp=9&aid=161DEE4648F2C603&tid=142DD&s=45DCE&cp=0.09&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame BC73 19 KB
10 KB 83ms
29ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690923;rtbwp=XB4S-QAAAABo3OCXa2j3ODDNfFGHttbZ4lFhCw;rtbdata=AdYIqNMojIdJz4J0An17VS2-KBCJoRarnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPaPxUNmzF5up1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c6Wqxdjj-ixnNC0Rucr5OzjLTFHfg4aYfxX0bcpMeQfm5CTyaJx4iGhE1bUnAi8hKOdHPC2azk92MCjDUIbSrL-lY7kWpsQWoHE4_sQZGQgqA2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41cfb788c9bb160e43348529d7db33e2442c3b7e5b3115396bbf7815ae6c0914

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9489
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC73 73 KB
27 KB 46ms
45ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 71 KB
27 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:26:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
Age: 424
ETag: 10366987592970477111
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 26696
X-XSS-Protection: 1; mode=block
Expires: Sat, 22 Dec 2018 11:26:26 GMT

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame 728C 0
0 36ms
16ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CC&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=7733eb8f62ad4ce7cd2e185c9e81e164&wp=C&aid=161DEE4648F2FEF7&tid=142DD&s=45DC8&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame B38C 19 KB
10 KB 74ms
32ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAABQa5IGLOUAxdu68EjAwJ9bi-SEgQ;rtbdata=AdYIqNMojIdJz4J0An17VccYgZBzo9QonjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4rf4aVIgcRidC0Rucr5OzjGDWf0XzjHpoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f2ac5243eb89ad16fd8f79875a70cabb6676049052fa16993f9adbf08cfb3cd8

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9504
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B38C 73 KB
27 KB 49ms
44ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame 6726 0
0 33ms
16ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CE&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=332df2b03308952302b630986ef28983&wp=C&aid=161DEE4648F2E1FB&tid=142DD&s=45DCA&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame 23D5 19 KB
10 KB 70ms
32ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAACB9gF7Utgvvc-TYy8ePp7ZARmnlQ;rtbdata=AdYIqNMojIdJz4J0An17VRumHTXsKL4knjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5AEONAeEnO8dC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 805e23104ae299f99a71e669ce3470cd015e0142f9842cd2f0c14b7a795de317

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9498
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23D5 73 KB
27 KB 50ms
48ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame 8048 0
0 25ms
15ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1D0&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=2c55fa8ebb44550bc197c3a75a7d7bd6&wp=C&aid=161DEE4648F2A409&tid=142DD&s=45DCC&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame 1754 19 KB
10 KB 106ms
33ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAADjJnHwpr2T315OQh2oRgHbTVKwVw;rtbdata=AdYIqNMojIdJz4J0An17VcDd1kRVhoO2njySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4sVF4QF30-fdC0Rucr5OzjEBtO3JjOWqQLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6fb4b3955da69a35b184de332ef9f1f788a2d9cb650da69e2fd3acd621f80d02

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9506
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1754 73 KB
27 KB 46ms
46ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame 4EE2 0
0 40ms
14ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1D1&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=202be1fa6c04d34eba48059b417e7fd4&wp=C&aid=161DEE4648F49B47&tid=142DD&s=45DCD&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame 84A6 19 KB
10 KB 102ms
34ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAAB66qkiqvaJP84HJ1JL0fQs3Ezyiw;rtbdata=AdYIqNMojIdJz4J0An17VXsZSUc9B0pAnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4_yvambV6wAtC0Rucr5OzjMR4CN1jhQnILJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2c92e6c84bd183f1b2f4247e428b80f24314e01510d2670363db744eda780052

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9505
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84A6 73 KB
27 KB 48ms
45ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 9CAA 0
0 12ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 1737
Date: Thu, 20 Dec 2018 07:06:23 GMT
Expires: Fri, 20 Dec 2019 07:06:23 GMT
Last-Modified: Thu, 01 Nov 2018 14:23:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 185227

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame DDAD 0
0 13ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 1737
Date: Thu, 20 Dec 2018 07:06:23 GMT
Expires: Fri, 20 Dec 2019 07:06:23 GMT
Last-Modified: Thu, 01 Nov 2018 14:23:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 185227

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 13BF 0
0 12ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 1737
Date: Thu, 20 Dec 2018 07:06:23 GMT
Expires: Fri, 20 Dec 2019 07:06:23 GMT
Last-Modified: Thu, 01 Nov 2018 14:23:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 185227

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 860B 0
0 10ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 1737
Date: Thu, 20 Dec 2018 07:06:23 GMT
Expires: Fri, 20 Dec 2019 07:06:23 GMT
Last-Modified: Thu, 01 Nov 2018 14:23:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 185227

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame 4A58 0
0 21ms
15ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CD&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=8a44366f7a8c34f98f4ee6cd90bfa99c&wp=C&aid=161DEE4648F3B09A&tid=142DD&s=45DC9&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame F2A6 19 KB
10 KB 64ms
31ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAACKp9t49y41lc-utsIf7wGdgqNSdA;rtbdata=AdYIqNMojIdJz4J0An17VdwKsiZm6-EknjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5tz7bL_R40W9C0Rucr5Ozj3TNgbvUZ6scLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 32f23751cab7dde9c6b83b62608f4c9c4305ef1110804252d8f90f6f0e48fcae

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9499
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2A6 73 KB
27 KB 55ms
41ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H/1.1 200
OK ifnotify
a3217.casalemedia.com/ Frame EAC6 0
0 55ms
37ms Document
text/html 185.80.38.186
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://a3217.casalemedia.com/ifnotify?c=D2107F&r=E303D1CF&t=5C1E12F9&u=X0hTNGU3TmFPR0RteEVyTzRRMU80dE51&m=7bd439c2fb3abf095fce54c4c8b7d424&wp=C&aid=161DEE4648F4564B&tid=142DD&s=45DCB&cp=0.12&n=duressjhfd.icu&pr=xx&epr=1171a86994d1075
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 185.80.38.186 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3217.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: CMID=XB4S.blQJroAAHGBZAwAAAAY; CMPS=3217; CMST=XB4S+VweEvkB; CMSC=XB4S+Q**; CMDD=AAKYfQE*
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
track.adform.net/adfscript/ Frame 159E 19 KB
10 KB 87ms
32ms Script
text/javascript 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAADdzktLPNS5GQHXHq0xDO1pDDVpPA;rtbdata=AdYIqNMojIdJz4J0An17VY7h-jRZo_GQnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c53FSoHyRoiGNC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5e4f6bd4b15899c2903ae53ab574d6f41fc14e3c79413d655e42849a4b6105e8

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 9509
Expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 159E 73 KB
27 KB 62ms
41ms Script
text/javascript 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC73 0
260 B 47ms
26ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNjQcUCj0AcsaNs2POo1Qq9k4I3g6TK8osdDsszYLqV_2T4EENeR2LgxdGgVjI0Hip4fNIqzjhI1w5HuUd6phdOcAOg5DYNWfAnaQUheQYYO_8Vl4h7PPZGPIp4v2yg8wpolpuCIohnbr7pCsUEs4Dv1Y0hmXT13tTQ90QLRv0bZ-BQ4gHxhAk4fMpLG01gntwH_7VnaJIVIhb0beRiqld-j1oAw-QWBYonrG1ONjMBDirWzXF9-s&sai=AMfl-YTiviBOElkwfcalI63b3R-4fcAwl5pjGesuq8kl0-97Tfl89tLlNGs_9QgqEqDKbAkRZf0yTNhTmS8kDsjZQlIqLtGPVe4kXiMyLcHg_A&sig=Cg0ArKJSzE5RP_wgDJK4EAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B38C 0
261 B 47ms
27ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvM2fH5FtGr1_Z9fHKhDODeZUAgxJ8lkOu-r8U4nnJDmIjRXEA-DIiYuMRpGDF9W0yncvRpqKJHCktD6cVXX9WwWokCCFIU8SA2rW2V_KnNjJSDAXFlyxD410Shr0UPxx-m3yBRTuPyLQAvvFVZad0unWliVNM40voufYsE_eB4kjoOTqRremey7SUaydHvv1Ui_uxBq7rjtYClQWvP4RklXLGFnBcx0lk2LXBBRysDsYmNkmKyKsO3eY4&sai=AMfl-YSR3y4a-e3bn6w6foMjjrcf_gsvRnGXYnKQ1JeFx9p8YNoyuRJywW-h83aNw4fwwjDXJK6BK3qBaScCr4gVHocDELjhrgk83ZDj7eQfyg&sig=Cg0ArKJSzK7-DufT4BnoEAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 23D5 0
251 B 48ms
29ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv5B0UWGPHF8rT3vrW15Gyk8ToB-mpO1Bv6DHAMUj_W6MUEqBms71HNCay1yqHR0qrPishv6cPJEFqNrIYRo1y6f45Db8OCoSFd5Nw3NwPzLXsz1AJVVEkexD016r7iLDJeVBfc5WZomPY-C4J7XjznoNqibzgXoN_xr5Ye2dMIr_FVT7u1w6aU3T_aQIy4BDqYFe5osWMtqa5cLcAxmWQI4576CRrDIqecB46JxgVxy6tN6tgQaruOr8b&sai=AMfl-YS9_kOcHsphyHJnSe7aj5pvTqKwhwwJZYxlVNhdRaED4cFTMNH3oIc7sy3Gz6e4Gg2xgUo8ZooQcL27rrBSCR84F7HAVsmTmY2nfldOow&sig=Cg0ArKJSzG4bVbSe6-kpEAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1754 0
253 B 47ms
27ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslYvtcat1Bf63BRzR4gDe63bPfYH9tawtADOdUQ663aWZa58Bh8M0rzXft_1oxCt3S_DKW8ZbIDkOZETnehQGROSq5RB-EoyWsNU7C0gNkOxGvK78vZ4rtQNWHGnkyp6sK2MFr-q3UkC380IPiJTIS3XNMxYPErYfKAw4_eOxTe3Ws8ukGoia64KtwDHKmaHrK9pdc02iUEUyAjVtHvbC0Wn4vstQOlL_Nb1ukRMIR1faU090MLa6R4lkY&sai=AMfl-YTDQ2rxQvqp7ycyglVTbMWCy3K14hlU69WP-S7LdJN74A2JPWCLnvrUp-Am8aZjjjUahUDDsEQGDMrt_do2lOWJAfGwvGTBUOsJC7T2EA&sig=Cg0ArKJSzMWS_t4TU3QYEAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 84A6 0
252 B 48ms
29ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjq_rQUxqQaC7bsWzkD-TdlovIviwVSNCSVcSknbOOdubpmivEWd9_QmHcNB09hXSG7-Pb3axeaRVW32IuyZ17XU3M-4THIavfuJYDny7hTSlvm8wYzkca2WoIgwf6C_W573JJa3ajlpP9xCdoRxspayTA9dE_1981RoFEaSVzI9q_hYYb9CGM-jF_mjEzR9WNRvmY-MXi0C9Awh3LjPlmwfrRc1mcXcf0X6rp64MUQxOZc6OZKbrgyzU1&sai=AMfl-YQ_D0-_HeNlOWE92CqMxb1MOf2BawboR0YxIUQH1JtBFdRohXYDTmFiCrvWia2YjyYrgWXwnIgEnDbWQqmHXnxa-hh5DQUT8QnSfRAZ2w&sig=Cg0ArKJSzL9801Qv67k5EAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2A6 0
251 B 49ms
29ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOVUWDX2ENVfnzZgxZe4T3fOMIbvc1ZmNltH8v3fCyCsPEuARgfP3mnY4v5DIRGRpEaBlrGdf8HSLKJ1XD5KODgcZEHrkD9KG2N2NOEScfqu8zmEmF-A1Cq7xIrPCwU618GTX2K_PCUolUKEYoEfJwT3z53AlT34TtNLbpDCNVeqP7beYTbNDrC3bxiYgr4unGdJdKoAH5VUXKVTefXzEpeqNg6hKzg7O4uCC_qKzMXnv6Rdoszgun5y1d&sai=AMfl-YRCXjGT-bOREEAq-Mz20FAUwHJBPY16N1ErRlRumatahqYvIl3pmC8sBVzrtciG9yXnsIwFQhTYLCwAlCkuV1836loDrG3lBJW3q65Tlw&sig=Cg0ArKJSzGARoRxm8LYgEAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 22 Dec 2018 10:33:30 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 159E 0
53 B 30ms
30ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuq1i5u5JYzBSyuZMBE1Mfa2Xv3Cpr09Ag_elSDuP8fY9fNnwWgnDyOTvoQWkJ6eoZhmErxaxJjb3yxi350pohdVAEMjOJkyiGoqSazyxq93Tr1ZEIKMVH5v86Tid01NWMPBRowVfzdqvISgPXaZMjQKXZ3lQqAVYERTNi0TsCbNbRgNoKPqxs7o613FXr6LMvqXlQYqFOps8O8kMXaxmNIefCOVbsE0nA5tnkgskw1tKOmdtX--rNRn8B5&sai=AMfl-YR_kBboqLxieDOW7g1kllSHjFug2nq9uFODo9RwoOPKnbBYGdfAOtLOzy1gCUE9Vus4pkX1z2usZFNDuanLxuswuD3N5kRO6Ulvg-kS2w&sig=Cg0ArKJSzPzNJUHSqlC9EAE&urlfix=1&adurl=

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK / Show response
realbid.brealtime.com/biddr/ 90 B
400 B 534ms
106ms XHR
application/json 34.236.39.146
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://realbid.brealtime.com/biddr/
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 34.236.39.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-39-146.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.20
Resource Hash: 2168077b5032db690bcc361d9593ed4f931a456652321631075b874d053dc169

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.20
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 90

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame BC73 31 KB
14 KB 3085ms
28ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690923;rtbwp=XB4S-QAAAABo3OCXa2j3ODDNfFGHttbZ4lFhCw;rtbdata=AdYIqNMojIdJz4J0An17VS2-KBCJoRarnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPaPxUNmzF5up1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c6Wqxdjj-ixnNC0Rucr5OzjLTFHfg4aYfxX0bcpMeQfm5CTyaJx4iGhE1bUnAi8hKOdHPC2azk92MCjDUIbSrL-lY7kWpsQWoHE4_sQZGQgqA2
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:18:05 GMT

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame 23D5 31 KB
14 KB 3127ms
28ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAACB9gF7Utgvvc-TYy8ePp7ZARmnlQ;rtbdata=AdYIqNMojIdJz4J0An17VRumHTXsKL4knjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5AEONAeEnO8dC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Protocol: HTTP/1.1
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:16:37 GMT

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame B38C 31 KB
14 KB 3121ms
29ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAABQa5IGLOUAxdu68EjAwJ9bi-SEgQ;rtbdata=AdYIqNMojIdJz4J0An17VccYgZBzo9QonjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4rf4aVIgcRidC0Rucr5OzjGDWf0XzjHpoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:18:05 GMT

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame F2A6 31 KB
14 KB 3121ms
30ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAACKp9t49y41lc-utsIf7wGdgqNSdA;rtbdata=AdYIqNMojIdJz4J0An17VdwKsiZm6-EknjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5tz7bL_R40W9C0Rucr5Ozj3TNgbvUZ6scLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:18:05 GMT

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame 1754 31 KB
14 KB 3129ms
28ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAADjJnHwpr2T315OQh2oRgHbTVKwVw;rtbdata=AdYIqNMojIdJz4J0An17VcDd1kRVhoO2njySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4sVF4QF30-fdC0Rucr5OzjEBtO3JjOWqQLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Protocol: HTTP/1.1
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:16:37 GMT

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame 84A6 31 KB
14 KB 3135ms
29ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAAB66qkiqvaJP84HJ1JL0fQs3Ezyiw;rtbdata=AdYIqNMojIdJz4J0An17VXsZSUc9B0pAnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4_yvambV6wAtC0Rucr5OzjMR4CN1jhQnILJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:18:05 GMT

GET
H/1.1 200
OK bootstrap.js Show response
s1.adform.net/stoat/614/s1.adform.net/ Frame 159E 31 KB
14 KB 3138ms
28ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: http://track.adform.net/adfscript/?bn=26690929;rtbwp=XB4S-QAAAADdzktLPNS5GQHXHq0xDO1pDDVpPA;rtbdata=AdYIqNMojIdJz4J0An17VY7h-jRZo_GQnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c53FSoHyRoiGNC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2
Protocol: HTTP/1.1
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:16:37 GMT

GET
H/1.1 200
OK fb_digioh.2.1.5.css
www.lightboxcdn.com/static/ 5 KB
2 KB 315ms
314ms Stylesheet
text/css 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lightboxcdn.com/static/fb_digioh.2.1.5.css?cb=636808625650325593
Requested by: Host: www.lightboxcdn.com
URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272
Protocol: HTTP/1.1
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f7df24c8c4e910f6fbb7c5f92d41abf98aa8505f34b691b9a54a243f130062

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Sat, 22 Dec 2018 10:33:31 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Content-MD5: SPXkOHRrmvkdtUVAkMsWtg==
Transfer-Encoding: chunked
Connection: keep-alive
x-ms-lease-status: unlocked
Last-Modified: Thu, 22 Jun 2017 21:54:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: 265ca0a4-c01e-0091-5fe1-99c170000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
CF-RAY: 48d1ee40b50f64d5-FRA
Expires: Sun, 22 Dec 2019 10:33:31 GMT

GET
H/1.1 200
OK z Show response
lightboxapi2.azurewebsites.net/z9p/42219/duressjhfd.icu/jsonp/ 556 B
800 B 308ms
136ms Script
application/javascript 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://lightboxapi2.azurewebsites.net/z9p/42219/duressjhfd.icu/jsonp/z?cb=1545474810998&callback=jQuery17106654291677061097_1545474810982&_=1545474810999
Requested by: Host: www.lightboxcdn.com
URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272
Protocol: HTTP/1.1
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Kestrel / ASP.NET
Resource Hash: 6b3cd19f26b022bfb5f70962432e66c47512ef407c40b88bfba916f00b2c685d

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Kestrel
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript

POST
H/1.1 200
OK / Show response
realbid.brealtime.com/biddr_update/ 65 B
375 B 2735ms
104ms XHR
application/json 3.81.156.77
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://realbid.brealtime.com/biddr_update/
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 3.81.156.77 Fairfield, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-81-156-77.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.20
Resource Hash: 3321e1cf8a1cb6ca338022c4ebb4564bffa6329beb39edb83f5c5118659a640e

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 22 Dec 2018 10:33:34 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.20
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 65

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4CCC 0
0 70ms
19ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 2.18.232.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sun, 22 Dec 2019 10:33:32 GMT
Date: Sat, 22 Dec 2018 10:33:32 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 812E 0
0 85ms
18ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 2.18.232.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sun, 22 Dec 2019 10:33:32 GMT
Date: Sat, 22 Dec 2018 10:33:32 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B84D 0
0 105ms
18ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 2.18.232.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sun, 22 Dec 2019 10:33:32 GMT
Date: Sat, 22 Dec 2018 10:33:32 GMT
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set pd
eu-u.openx.net/w/1.0/ Frame F5B5
Redirect Chain

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1

0
0

21ms
21ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash

Request headers

Host: eu-u.openx.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate
Cookie: i=f6b5007f-1dd5-0fea-24eb-03315bd19617|1545474815
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Vary: Accept
Set-Cookie: i=f6b5007f-1dd5-0fea-24eb-03315bd19617|1545474815; Version=1; Expires=Sun, 22-Dec-2019 10:33:35 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1545474815|cP968U9ce78X; Version=1; Expires=Sun, 06-Jan-2019 10:33:35 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sat, 22 Dec 2018 10:33:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip

Redirect headers

Set-Cookie: i=f6b5007f-1dd5-0fea-24eb-03315bd19617|1545474815; Version=1; Expires=Sun, 22-Dec-2019 10:33:35 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=7cd4c233-b263-4ce8-bfd3-f0235d18abba&gdpr=1
Date: Sat, 22 Dec 2018 10:33:35 GMT
Content-Length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 02AE 0
0 7067ms
8ms Document
text/html 104.109.77.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: biddr.brealtime.com
URL: http://biddr.brealtime.com/26020867-1244.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-77-19.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 06 Dec 2018 12:00:00 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=44835
Expires: Sat, 22 Dec 2018 23:00:54 GMT
Date: Sat, 22 Dec 2018 10:33:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK audit
hbevents.1rx.io/ 0
318 B 1416ms
189ms Image
text/html 50.112.252.228
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hbevents.1rx.io/audit?bidder_version=1.0.1.0&doc_type=Prebid%20Audit&doc_version=1&framed=0&placement_codes=%2F1038375%2Fa0-p1-s2%2C%2F1038375%2Fa0-p2-s2%2C%2F1038375%2Fa0-p3-s2%2C%2F1038375%2Fa0-p4-s2%2C%2F1038375%2Fa0-p5-s2%2C%2F1038375%2Fa0-p6-s2%2C%2F1038375%2Fa1-p1-s1%2C%2F1038375%2Fa1-p1-s2%2C%2F1038375%2Fa0-p7-s2&placement_id=78036%2C78036%2C78036%2C78036%2C78036%2C78036%2C78036%2C78036%2C78036&popped=0&prebid_version=3.9.3&response_ms=195&url=http%3A%2F%2Fduressjhfd.icu%2F
Protocol: HTTP/1.1
Server: 50.112.252.228 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-50-112-252-228.us-west-2.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:34 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 20
Expires: 0

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame BC73 6 KB
4 KB 86ms
36ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA1bekk.uJtHoqvynx9MsFyxYM914Ve_clr9Pv20K69JRcWprTL4y_AxBEl7pp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF8KSKXV4.hL9.LxU..00W/adfserve/?CC=1&bn=26690923;rtbwp=XB4S-QAAAABo3OCXa2j3ODDNfFGHttbZ4lFhCw;rtbdata=AdYIqNMojIdJz4J0An17VS2-KBCJoRarnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPaPxUNmzF5up1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c6Wqxdjj-ixnNC0Rucr5OzjLTFHfg4aYfxX0bcpMeQfm5CTyaJx4iGhE1bUnAi8hKOdHPC2azk92MCjDUIbSrL-lY7kWpsQWoHE4_sQZGQgqA2;js=1;adfxid=1x;10484;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 833a71b5c11d65411b88b869b66f9c6a147ec0e4816fd88c5617172a5abd3f22

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3096
Expires: -1

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/kda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame B38C 6 KB
4 KB 89ms
32ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/kda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA154WV0odm_dhrxbuJjkWxv5iJ3A0KAGYiPv20K69JRcWprTL4y_AxBEl7pp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF3fKXV4.hL9.LxU..8je/adfserve/?CC=1&bn=26690929;rtbwp=XB4S-QAAAABQa5IGLOUAxdu68EjAwJ9bi-SEgQ;rtbdata=AdYIqNMojIdJz4J0An17VccYgZBzo9QonjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4rf4aVIgcRidC0Rucr5OzjGDWf0XzjHpoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2;js=1;adfxid=2x;993;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 37331946ebe92a58b2b8d4450cd84a70866ace5fe639e0cd6456bc598e20a627

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3114
Expires: -1

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame 23D5 6 KB
4 KB 82ms
36ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA1bfqik.uJtHoqvynx9MsFyxYM914Ve_clrCSWVeY_9DJFuvjA1zH_ya6sZPuVr914VecL57GY5BNv_uY5BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc1KelF1VLf4.ATjV.6yX/adfserve/?CC=1&bn=26690929;rtbwp=XB4S-QAAAACB9gF7Utgvvc-TYy8ePp7ZARmnlQ;rtbdata=AdYIqNMojIdJz4J0An17VRumHTXsKL4knjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5AEONAeEnO8dC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2;js=1;adfxid=3x;3237;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 62cb3c9306286683f19ec01207ad1c21767bcf2c81f81e98ef2aec1ed4b84d8b

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3101
Expires: -1

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame F2A6 6 KB
4 KB 88ms
32ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA147Ag.D_DJhCizgzH_y3EjNpmVWN9dPBSnMNN9ctHY_3DivmkjodUdWy85icCmVWN9e4WX3NlY5DtTclY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9._PgJ.c4elF1rfs.836/adfserve/?CC=1&bn=26690929;rtbwp=XB4S-QAAAACKp9t49y41lc-utsIf7wGdgqNSdA;rtbdata=AdYIqNMojIdJz4J0An17VdwKsiZm6-EknjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c5tz7bL_R40W9C0Rucr5Ozj3TNgbvUZ6scLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2;js=1;adfxid=4x;1874;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ffe63b1287f738c8cb0cf80f6aab2f79e82353b182e4f39e53923e628b228e63

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3102
Expires: -1

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame 1754 6 KB
4 KB 80ms
33ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA137Qg.D_DJhCizgzH_y3EjNpmVWN9dPBSkrNN9ctHY_3DivmkjodUdWy85icCmVWN9e4WX3NlY5DtTclY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9._PgJ.c4elF1rfs.Bdb/adfserve/?CC=1&bn=26690929;rtbwp=XB4S-QAAAADjJnHwpr2T315OQh2oRgHbTVKwVw;rtbdata=AdYIqNMojIdJz4J0An17VcDd1kRVhoO2njySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4sVF4QF30-fdC0Rucr5OzjEBtO3JjOWqQLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2;js=1;adfxid=5x;444;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: dd03f0c1c3879b4271397d4c35029bda69e52e1d5667fbe0d449a9aec29cc73d

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3111
Expires: -1

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame BC73 16 KB
6 KB 120ms
15ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690923&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690923&btadserv=adform&crt=28359481&crtname=gigacubemax_1eur_181127_728x90&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=5680085483712606620&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame BC73 43 B
654 B 84ms
27ms Image
image/gif 85.14.248.72
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&cachebuster=8804
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.14.248.72 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
X-ET-Code: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: private
Last-Modified: Sa, 22 Dez 2018 10:33:33 GMT
X-ET-Camp: 707
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame BC73
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&rnd=16407
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&rnd=16407

42 B
771 B

162ms
35ms

Image
image/gif

54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&rnd=16407
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-0c0e8ef4f.edge-irl1.demdex.com 5.45.0.20181217095029 4ms
Pragma: no-cache
X-TID: JpZXKxXLT84=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: ftsHv8njTA0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_728x90&rnd=16407
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame BC73 0
279 B 1041ms
9ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=70209
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:34 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359481;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame BC73 107 B
107 B 92ms
39ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359481;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_728x90;idfa=;aaid=;cache=21780;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
x-atlas-debug: AYLOPQoavouFqbN10RQoc3_AQlpQc-KCjMQArBkA1pCNqWjW4VuqMKuOQ3uPGY8oax9VDQxjtWwepx5xkhnrreK1
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 107
expires: 0

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame BC73 85 KB
35 KB 44ms
31ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:11:21 GMT

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame 84A6 6 KB
4 KB 85ms
33ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/sda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA13kQg.D_DJhCizgzH_y3EjNpmVWN9dPBSnMNN9ctHY_3DivmkjodUdWy85icCmVWN9e4WX3NlY5DtTclY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9._PgJ.c4elF1rfs.4BD/adfserve/?CC=1&bn=26690929;rtbwp=XB4S-QAAAAB66qkiqvaJP84HJ1JL0fQs3Ezyiw;rtbdata=AdYIqNMojIdJz4J0An17VXsZSUc9B0pAnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c4_yvambV6wAtC0Rucr5OzjMR4CN1jhQnILJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2;js=1;adfxid=6x;897;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 538d65f6697615f09e318e6ce3368eb2d7883fb0a68a72ff64c7fe50ff3590ea

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3108
Expires: -1

GET
H/1.1 200
OK / Show response
track.adform.net/wpf/v2/kda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame 159E 6 KB
4 KB 83ms
36ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/wpf/v2/kda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2DdQsmmTrnySbhJdjftckuyPBDjaY2ftckZZLQ084akJkI0_2pA15KWV0odm_dhrxbuJjkWxv5iJ3A0KAGYi5v20K69JRcWprTL4y_AxBEl7pp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF3fKXV4.hL9.LxU..75g/adfserve/?CC=1&bn=26690929;rtbwp=XB4S-QAAAADdzktLPNS5GQHXHq0xDO1pDDVpPA;rtbdata=AdYIqNMojIdJz4J0An17VY7h-jRZo_GQnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPYHDAWiYVJTH1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c53FSoHyRoiGNC0Rucr5Ozj8iV5b1k8cMoLJgyHYqJwTLFq5v5jT5sMozUB82hZQ-XrXNA11mjlobNN6cCK-3jcZm4mDqDaRvhk9JUJFwE_MQ2;js=1;adfxid=7x;5532;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0;fd=0|15&CREFURL=http%3A%2F%2Fduressjhfd.icu%2F
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e26971e914cd5893852b85cf52c367b0d1a8b043cb47f7b9690cadf59fef08ce

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=15
Content-Length: 3111
Expires: -1

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B38C 16 KB
6 KB 114ms
18ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690929&btadserv=adform&crt=28359477&crtname=gigacubemax_1eur_181127_300x250&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=2488677255535411121&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame B38C 43 B
654 B 2063ms
18ms Image
image/gif 85.14.248.71
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&cachebuster=28376
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.14.248.71 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:35 GMT
X-ET-Code: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: private
Last-Modified: Sa, 22 Dez 2018 10:33:35 GMT
X-ET-Camp: 707
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame B38C
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=7345
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=7345

42 B
771 B

166ms
35ms

Image
image/gif

54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=7345
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-08ad4156a.edge-irl1.demdex.com 5.45.0.20181217095029 4ms
Pragma: no-cache
X-TID: O9AxuwN1Qjw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: 6VNpxDRXQhA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=7345
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame B38C 0
279 B 1013ms
8ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=77570
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:34 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame B38C 106 B
106 B 47ms
47ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_300x250;idfa=;aaid=;cache=63086;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
x-atlas-debug: AYLMjciylUs8xdUs5Idl_KXzFJKBVwhx4xZGIQYG9AxFOPR4QhBvFehX3q9p0PVQAmHPF3r7WJ4etxV09j5U1k_C
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 106
expires: 0

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame B38C 85 KB
35 KB 35ms
33ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:11:21 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 23D5 16 KB
6 KB 123ms
16ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690929&btadserv=adform&crt=28359477&crtname=gigacubemax_1eur_181127_300x250&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=3142101323001228224&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 23D5 43 B
592 B 3075ms
22ms Image
image/gif 85.14.248.71
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&cachebuster=13541
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.14.248.71 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:36 GMT
X-ET-Code: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: private
Last-Modified: Sa, 22 Dez 2018 10:33:36 GMT
X-ET-Camp: 707
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame 23D5
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=14658
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=14658

42 B
771 B

170ms
35ms

Image
image/gif

54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=14658
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-07f391f61.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
X-TID: wXJgopYDSKw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: puRVmwtXSLI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=14658
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame 23D5 0
279 B 919ms
10ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=21298
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:34 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame 23D5 107 B
107 B 44ms
38ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_300x250;idfa=;aaid=;cache=70859;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 107
expires: 0

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame 23D5 85 KB
35 KB 1078ms
30ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:08:22 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame F2A6 16 KB
6 KB 115ms
14ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690929&btadserv=adform&crt=28359477&crtname=gigacubemax_1eur_181127_300x250&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=6541833698805942952&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F2A6 43 B
654 B 2178ms
22ms Image
image/gif 85.14.248.71
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&cachebuster=72492
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 85.14.248.71 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:35 GMT
X-ET-Code: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: private
Last-Modified: Sa, 22 Dez 2018 10:33:36 GMT
X-ET-Camp: 707
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame F2A6
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=8433
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=8433

42 B
771 B

175ms
36ms

Image
image/gif

54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=8433
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-04fee3bc1.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
X-TID: mFBsNslPT3I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: AA7ME/A1SZo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=8433
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame F2A6 0
279 B 10ms
8ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=26318
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:34 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame F2A6 107 B
107 B 39ms
38ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_300x250;idfa=;aaid=;cache=42631;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
x-atlas-debug: AYKZNln5_7m2MCN4jRd5SKSuT8gyHH0R2qdJR-hSY0A2vmLCKODL13w-VpwTvnbTM7dbwE90r2TCU7dy4ceKlzly
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 107
expires: 0

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame F2A6 85 KB
35 KB 717ms
30ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:08:22 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1754 16 KB
6 KB 124ms
13ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690929&btadserv=adform&crt=28359477&crtname=gigacubemax_1eur_181127_300x250&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=3541272039933801372&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET ai.aspx
m.exactag.com/ Frame 1754 0
0

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame 1754
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=65904
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=65904

42 B
771 B

181ms
36ms

Image
image/gif

54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=65904
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-02d651027.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
X-TID: Ucx8w/WZRsk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: kvIimGBLRUM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=65904
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame 1754 0
279 B 9ms
8ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=67217
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:35 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame 1754 106 B
106 B 42ms
38ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_300x250;idfa=;aaid=;cache=56445;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
x-atlas-debug: AYLjJvDUCFszqo5Vxpe39Feb1XU1dQWEC0FMl1xEsk9Ld5bDL1-LfmObh4rPhmOI_FyLDcdB1IgjrAOtjK3xPLCd
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 106
expires: 0

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame 1754 85 KB
35 KB 1815ms
33ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:19:25 GMT

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame BC73 35 B
646 B 101ms
28ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690923&csi=brtFQzUmQb77pONN7YgzH6HfdIXAe3-lSnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbjcVkE4MiUviQ2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:37 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359481.gif
s1.adform.net/Banners/28359481/ Frame BC73 32 KB
32 KB 33ms
30ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359481/28359481.gif?bv=2

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8dff7d337a7f072c6cacaadfb8f9abf4e981acad52c30535fdfcd17538a38dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-7e4d"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 32333

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 84A6 16 KB
6 KB 89ms
14ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690929&btadserv=adform&crt=28359477&crtname=gigacubemax_1eur_181127_300x250&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=2546943194213724105&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET ai.aspx
m.exactag.com/ Frame 84A6 0
0

GET
H/1.1 200
OK event
vfde.demdex.net/ Frame 84A6 42 B
771 B 147ms
36ms Image
image/gif 54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=3524
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-0634c79ce.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
X-TID: jPcHZC4+Ql8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame 84A6 0
279 B 9ms
8ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=97027
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:35 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame 84A6 106 B
106 B 43ms
40ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_300x250;idfa=;aaid=;cache=78204;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 106
expires: 0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 159E 16 KB
6 KB 97ms
14ms Script
application/x-javascript 23.211.0.74
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&advid=165376&app=&sup=Index+Exchange&adsrv=178&region=40&btreg=26690929&btadserv=adform&crt=28359477&crtname=gigacubemax_1eur_181127_300x250&dvtagver=6.1.src&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=3362071894903947836&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%3a%2f%2fduressjhfd.icu%2f
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 23.211.0.74 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-0-74.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Content-Encoding: gzip
ETag: "a8c25d1d995d41:0"
Last-Modified: Mon, 17 Dec 2018 07:20:36 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6134

GET ai.aspx
m.exactag.com/ Frame 159E 0
0

GET
H/1.1 200
OK event
vfde.demdex.net/ Frame 159E 42 B
771 B 110ms
35ms Image
image/gif 54.194.108.5
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&rnd=18110
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-067711e60.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
X-TID: rXFSyDIaQ3Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame 159E 0
279 B 9ms
9ms Image
text/html 35.156.116.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=55014
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.116.54 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-116-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 10:33:35 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OM...
ad.atdmt.com/i/ Frame 159E 106 B
106 B 40ms
39ms Image
text/javascript 2a03:2880:f02d:5:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1384581;s.a=1358733;p.a=4637653;as.a=;a.a=28359477;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_PO_AL_LaL_BNR_CM_GigaCube-GEN-CPA-OMP-FQ3-ADF;as.n=;a.n=gigacubemax_1eur_181127_300x250;idfa=;aaid=;cache=88125;
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 22 Dec 2018 10:33:33 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 106
expires: 0

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame 84A6 85 KB
35 KB 1672ms
33ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:19:25 GMT

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame 9330 239 KB
73 KB 1960ms
20ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame BC73 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8744ff88d3dbb397fcae717e20b9d2e50bb9d47e9c09af779a18d6bec8f749

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Standard Show response
s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/ Frame 159E 85 KB
35 KB 1660ms
33ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 11:13:30 GMT
Server: nginx
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=100000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 23 Dec 2018 14:19:25 GMT

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame 5B4D 239 KB
73 KB 1112ms
20ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame B38C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6ba203dfa8d19d0aa482274f6658b1fe01a138e1e721c8f5dd085ff66b54057

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame E8CB 239 KB
73 KB 1081ms
20ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame 23D5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9ee32dbc0b44ddd2778c5f64c4231d878b7e3a9be1a81560b2a795466f35e7a

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame 8BC3 239 KB
73 KB 414ms
21ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame F2A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd5dc43a948913b2023c0bd679355fbe04cbfdd9c6eb92d7ad99ce02a4e6ffa7

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame 394D 239 KB
73 KB 426ms
25ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame 1754 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66863b5d5eb3d2b2b9470a9802cc1e7fd1717e5de7fee06ada3ec7432a792698

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame 8FAE 239 KB
73 KB 428ms
20ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame 84A6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53af528683617a63c431e7603cf4930b149e52eace8c2ac5ef060492614b7139

Request headers

Response headers

Content-Type: image/png

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame B38C 35 B
646 B 137ms
29ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690929&csi=hIqwjUrJDDCewWO1eg7j39GeKkP8bHt4SnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbjcVkE4MiUviQ2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359477.gif
s1.adform.net/Banners/28359477/ Frame B38C 49 KB
49 KB 28ms
27ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359477/28359477.gif?bv=2

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-c2cb"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 49867

GET
H/1.1 200
OK dv-measurements249.js Show response
cdn.doubleverify.com/ Frame 62EA 239 KB
73 KB 161ms
20ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.doubleverify.com/dv-measurements249.js
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 22 Dec 2018 10:33:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:06:12 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "586163f592d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74841

GET
DATA 200
OK truncated
/ Frame 159E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff3a4fb373b41e1bf8f8acf31eb10a5ba392808d096e2a668cf99e2d2a9623ac

Request headers

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BC73 42 B
112 B 15ms
15ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrLYcOVXDy4ilH7CqKSDXhGx8LtwDOpvYxEZLvFAnvaR9weoteW2hp-xw9ZhJJbEZUyhnGOp1Vx9VXlO9ZH7XnRBv9dAtQKmiX_7M&sig=Cg0ArKJSzETqCv4PmaDTEAE&adk=431166925&tt=4552&bs=1585%2C1200&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&p=87,429,177,1157&mcvt=1061&rs=3&ht=0&tfs=3503&tls=4564&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1545474810265&rpt=3642&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C11665&ss=1600%2C1200&pt=14&deb=1-11-11-54-54-15-303-42&tvt=4553&r=v&id=osdim&uc=18&upc=10&tgt=DIV&cl=1&cec=13&clc=1&cac=0&cd=728x90&v=20181207

Requested by

Host: duressjhfd.icu
URL: http://duressjhfd.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Dec 2018 10:33:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK /
track.adform.net/serving/unload/ Frame BC73 35 B
646 B 153ms
29ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@26690923,5680085483712606620,100|1003|0|0|90|0|0|0|0||35|0|1538|161DEE4648F2C603_1|||1|0|0|TOOCkwZ4Z375-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK /
track.adform.net/Serving/Event/ Frame BC73 35 B
420 B 84ms
29ms Image
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track.adform.net/Serving/Event/?bn=26690923&event=178&time=1&banner=28359481&name=Viewable%20impressions&imprid=5680085483712606620&icid=-5750631979060554475&eData=brtFQzUmQb4eFSGzg7wXmXn0oHauXNQxWn4RHwA1TBl_7KLPWa1aEhT5cxamdaOvLwF1-MxABZWsdMPbidFoFg2&rnd=169833393&rtbwp=XB4S-QAAAABo3OCXa2j3ODDNfFGHttbZ4lFhCw&rtbdata=AdYIqNMojIdJz4J0An17VS2-KBCJoRarnjySi_tRYInrGDxTv1IDrIt0k_Jf7I6sdxcelOiqLOlKlkKQcpE3UXhJRTB1pTD9q0WY8C_SR2pw-3pCoxnpPaPxUNmzF5up1jf9pcV6dIj4fkN60IT2IezxkfbGNabtK8TFSlxZ9c6Wqxdjj-ixnNC0Rucr5OzjLTFHfg4aYfxX0bcpMeQfm5CTyaJx4iGhE1bUnAi8hKOdHPC2azk92MCjDUIbSrL-lY7kWpsQWoHE4_sQZGQgqA2
Requested by: Host: duressjhfd.icu
URL: http://duressjhfd.icu/
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:37 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359477.gif
s1.adform.net/Banners/28359477/ Frame 23D5 49 KB
0 28ms
27ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359477/28359477.gif?bv=2

Requested by

Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-c2cb"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 49867

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame 23D5 35 B
646 B 207ms
28ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690929&csi=mbB3d6UiDSxOXPAQDaZgb3sB2-Hi0bTHSnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbjcVkE4MiUviQ2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359477.gif
s1.adform.net/Banners/28359477/ Frame F2A6 49 KB
0 28ms
27ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359477/28359477.gif?bv=2

Requested by

Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-c2cb"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 49867

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame F2A6 35 B
646 B 207ms
29ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690929&csi=wCGXuy_BsabBYQmy0zFpMcZxkyfRyjlQSnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbjcVkE4MiUviQ2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359477.gif
s1.adform.net/Banners/28359477/ Frame 1754 49 KB
0 28ms
27ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359477/28359477.gif?bv=2

Requested by

Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-c2cb"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 49867

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame 1754 35 B
646 B 29ms
29ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690929&csi=FoaH1eTp6QZC61hZRN7AwzEDc0LayOtLSnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbjcVkE4MiUviQ2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359477.gif
s1.adform.net/Banners/28359477/ Frame 84A6 49 KB
0 28ms
27ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359477/28359477.gif?bv=2

Requested by

Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-c2cb"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 49867

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame 84A6 35 B
646 B 30ms
30ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690929&csi=pcEMm1PlrWmJciGk1vqGJ0NrluUn0pkCSnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbiIwOQjnHBa5w2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK 28359477.gif
s1.adform.net/Banners/28359477/ Frame 159E 49 KB
0 28ms
27ms Image
image/gif 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s1.adform.net/Banners/28359477/28359477.gif?bv=2

Requested by

Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard

Protocol

HTTP/1.1

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Response headers

Date: Sat, 22 Dec 2018 10:33:33 GMT
Last-Modified: Tue, 27 Nov 2018 14:34:54 GMT
Server: nginx
ETag: "5bfd560e-c2cb"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=15
Content-Length: 49867

POST
H/1.1 200
OK /
track.adform.net/csimpr/ Frame 159E 35 B
646 B 71ms
28ms Other
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: http://track.adform.net/csimpr/?bn=26690929&csi=qEkwsjkHPs0_LMGbk8eMOkz38thO6RPhSnM008Uf2U0gY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbiIwOQjnHBa5w2
Requested by: Host: s1.adform.net
URL: http://s1.adform.net/stoat/614/s1.adform.net/load/v/0.0.164/e/.wSBgkg/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: HTTP/1.1
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: http://duressjhfd.icu
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Keep-Alive: timeout=15
Expires: -1

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame 3F82 0
0 279ms
22ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps40.doubleverify.com/ Frame 9330 8 KB
4 KB 178ms
46ms Script
text/javascript 213.254.244.16
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3691&ddur=122&uid=1545474817909506&jsCallback=dvCallback_1545474817909446&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690923&crt=28359481&btreg=26690923&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_728x90&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=5680085483712606620&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Server: 213.254.244.16 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 3a2064a89a5289aabdc634e3c8910bdd63d2a0ba5415429f837ca1ee64d38924

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 12/21/2018 10:33:38 AM

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame E26B 0
0 241ms
22ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps40.doubleverify.com/ Frame E8CB 9 KB
4 KB 355ms
40ms Script
text/javascript 213.254.244.16
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3722&ddur=131&uid=1545474817982731&jsCallback=dvCallback_1545474817982389&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=3142101323001228224&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Server: 213.254.244.16 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a0fb947946983a05bc7d66e0604ac6af3b2161b010537d7ffa6da7ec305b068c

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 12/21/2018 10:33:38 AM

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame F9F6 0
0 225ms
21ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps40.doubleverify.com/ Frame 8BC3 8 KB
4 KB 393ms
46ms Script
text/javascript 213.254.244.26
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3739&ddur=120&uid=1545474818020534&jsCallback=dvCallback_1545474818020514&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=6541833698805942952&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Server: 213.254.244.26 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 6707886c196dc70d005cbef9909e893b54ce71b285450073bc4877323cf774d1

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:37 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 12/21/2018 10:33:38 AM

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame 1790 0
0 216ms
21ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps40.doubleverify.com/ Frame 394D 8 KB
4 KB 995ms
38ms Script
text/javascript 213.254.244.16
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3756&ddur=125&uid=1545474818050956&jsCallback=dvCallback_1545474818050936&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=3541272039933801372&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Server: 213.254.244.16 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ee83a38d65a6011c2115bcea2b0af34c8beb0e0285e6926e14fe19a33bd32f3d

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 12/21/2018 10:33:39 AM

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame F029 0
0 180ms
21ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps40.doubleverify.com/ Frame 5B4D 9 KB
4 KB 1040ms
36ms Script
text/javascript 213.254.244.15
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3713&ddur=118&uid=1545474818110294&jsCallback=dvCallback_1545474818110282&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=2488677255535411121&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Server: 213.254.244.15 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 53544633e8f0eac33281a7880dda438d3120640a465d7c3b6d4a02128228ec7f

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 12/21/2018 10:33:38 AM

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame C9AC 0
0 142ms
22ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET visit.js
tps40.doubleverify.com/ Frame 62EA 0
0

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame 8DAB 0
0 123ms
22ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://duressjhfd.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://duressjhfd.icu/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4748
Date: Sat, 22 Dec 2018 10:33:38 GMT
Connection: keep-alive

GET visit.js
tps40.doubleverify.com/ Frame 8FAE 0
0

POST /
track.adform.net/serving/unload/ Frame BC73 0
0

POST /
track.adform.net/serving/unload/ Frame B38C 0
0

GET
H/1.1 200
OK query.js Show response
tps30.doubleverify.com/ Frame 5B4D 0
300 B 98ms
35ms Script
text/javascript 213.254.244.21
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps30.doubleverify.com/query.js?ctx=818052&cmp=1239517532
Requested by: Host: tps40.doubleverify.com
URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3713&ddur=118&uid=1545474818110294&jsCallback=dvCallback_1545474818110282&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=2488677255535411121&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f
Protocol: HTTP/1.1
Server: 213.254.244.21 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duressjhfd.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 12/21/2018 10:33:39 AM

POST event.png
tps20225.doubleverify.com/ Frame 9330 0
0

POST
H/1.1 200
OK event.png
tps20227.doubleverify.com/ Frame E8CB 67 B
464 B 116ms
48ms Other
image/png 213.254.244.17
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: http://tps20227.doubleverify.com/event.png?impid=bd7bf1fa78e849c598da69ffed521a38&vdur=359&msrjs=249&pltfrm=Linux%20x86_64&dvp_acv=1&dvp_acifd=2&dvp_mref=&dvp_acc=75&dvp_acl=20448&dvp_acwe=0&dvp_vpos=1585-1200-1&isvelg=1&vit=2&engms=1&engisel=1&dvp_dvcs=&cbust=1545474820352144
Requested by: Host: cdn.doubleverify.com
URL: http://cdn.doubleverify.com/dv-measurements249.js
Protocol: HTTP/1.1
Server: 213.254.244.17 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: http://duressjhfd.icu/
Origin: http://duressjhfd.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 22 Dec 2018 10:33:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: http://duressjhfd.icu
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 12/21/2018 10:33:40 AM

POST /
track.adform.net/serving/unload/ Frame F2A6 0
0

POST event.png
tps20229.doubleverify.com/ Frame 8BC3 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: m.exactag.com
URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&cachebuster=37189

Domain: m.exactag.com
URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&cachebuster=19288

Domain: m.exactag.com
URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x250&cachebuster=13345

Domain: tps40.doubleverify.com
URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3801&ddur=98&uid=1545474818171760&jsCallback=dvCallback_1545474818171202&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=3362071894903947836&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f

Domain: tps40.doubleverify.com
URL: http://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTauU2%3F4r92%3A%3Fl9EEATbpTauTau5FC6DD%3B975%5D%3A4FTar9EEATbpTauTau5FC6DD%3B975%5D%3A4FU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=http:&dvp_region=40&sup=Index+Exchange&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=3804&ddur=90&uid=1545474818210373&jsCallback=dvCallback_1545474818210683&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=249&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=http%3A%2F%2Fduressjhfd.icu%2F&fwc=0&flt=30&fec=938&fcifrms=23&brh=2&dvp_epl=140&ctx=11655933&cmp=1384581&sid=1358733&plc=26690929&crt=28359477&btreg=26690929&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x250&turl=duressjhfd.icu&DVP_ADTYPE=Image&DVP_LINE=4637653&DVPX_IMPID=2546943194213724105&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.0881&DVPX_LONG=8.59917&DVPX_PAGE=http%253a%252f%252fduressjhfd.icu%252f

Domain: track.adform.net
URL: http://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@26690923,5680085483712606620,100|4700|0|0|90|0|0|0|0||162|0|1538|161DEE4648F2C603_1|||1|0|0|TOOCkwZ4Z375-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||01

Domain: track.adform.net
URL: http://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@26690929,2488677255535411121,37|0|0|0|250|0|0|0|0||0|0|1538|161DEE4648F2FEF7_1|||1|0|0|kuhcPNvsZxb5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11

Domain: tps20225.doubleverify.com
URL: http://tps20225.doubleverify.com/event.png?impid=ef1229ca951d4362874e98838dcbe3ed&vdur=188&msrjs=249&pltfrm=Linux%20x86_64&dvp_acv=1&dvp_acifd=2&dvp_mref=&dvp_acc=75&dvp_acl=20448&dvp_acwe=0&dvp_vpos=1585-1200-1&isvelg=1&vit=2&engms=1&engisel=1&dvp_dvcs=&cbust=1545474820153319

Domain: track.adform.net
URL: http://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@26690929,3142101323001228224,0|0|0|0|250|0|0|0|0||0|0|1538|161DEE4648F2E1FB_1|||1|0|0|kuhcPNvsZxb5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11@@26690929,6541833698805942952,0|0|0|0|250|0|0|0|0||0|0|1538|161DEE4648F3B09A_1|||1|0|0|kuhcPNvsZxb5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11

Domain: tps20229.doubleverify.com
URL: http://tps20229.doubleverify.com/event.png?impid=a70dbf7d816f4e93bbf6e5451049769f&vdur=440&msrjs=249&pltfrm=Linux%20x86_64&dvp_acv=1&dvp_acifd=2&dvp_mref=&dvp_acc=75&dvp_acl=20448&dvp_acwe=0&dvp_vpos=1585-1200-1&isvelg=1&vit=2&engms=1&engisel=1&dvp_dvcs=&cbust=1545474820473268

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			duressjhfd.icu/	1969-12-31 23:59:59	Name: dt Value: 2018-12-22T10:33:29.505Z
			.duressjhfd.icu/	1970-01-19 06:42:23	Name: __qca Value: P0-321948031-1545474809416

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://biddr.brealtime.com/26020867-1244.js(Line 9996) Message: Biddr360: bidsBack
console-api	log	URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272(Line 15834) Message: ERROR:::: loadAllClientSideDataFromClientStorage() - Cannot read property 'getItem' of null
console-api	log	URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272(Line 15834) Message: ERROR:::: removeOldCookieData() - Cannot read property 'setItem' of null
console-api	log	URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272(Line 15834) Message: ERROR:::: setCurrent() - Cannot read property 'getItem' of null
console-api	log	URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272(Line 15834) Message: ERROR:::: setPrevious() - Cannot read property 'setItem' of null
console-api	log	URL: http://www.lightboxcdn.com/vendor/e2133d86-c7c1-4ef3-9ea1-a331ee7ba433/user.js?cb=636808625656239272(Line 15834) Message: ERROR:::: getCurrent() - Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3217.casalemedia.com
acdn.adnxs.com
ad.atdmt.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.stack-sonar.com
as.casalemedia.com
b.scorecardresearch.com
bcp.crwdcntrl.net
biddr.brealtime.com
cdn.doubleverify.com
cdn.flipboard.com
cdn3.doubleverify.com
duressjhfd.icu
e1.emxdgt.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fpn.flipboard.com
hbevents.1rx.io
ib.adnxs.com
lightboxapi2.azurewebsites.net
m.exactag.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.wp.com
realbid.brealtime.com
rules.quantcount.com
s1.adform.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
sync.tag.clrstm.com
tag.1rx.io
tpc.googlesyndication.com
tps20225.doubleverify.com
tps20227.doubleverify.com
tps20229.doubleverify.com
tps30.doubleverify.com
tps40.doubleverify.com
track.adform.net
venturebeat-d.openx.net
venturebeat.com
vfd2dyn.vodafone.de
vfde.demdex.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.stack-sonar.com
m.exactag.com
tps20225.doubleverify.com
tps20229.doubleverify.com
tps40.doubleverify.com
track.adform.net
104.109.77.19
104.24.246.16
104.24.247.16
143.204.101.65
152.195.15.114
172.217.18.98
173.241.240.143
173.241.240.220
178.162.133.150
18.195.155.181
185.33.223.206
185.80.38.186
192.0.66.2
192.0.76.3
2.16.186.107
2.16.186.51
2.16.186.80
2.18.232.130
2.18.232.75
204.2.250.100
213.19.162.31
213.254.244.15
213.254.244.16
213.254.244.17
213.254.244.21
213.254.244.26
23.211.0.74
23.99.128.52
2600:9000:200c:4a00:6:44e3:f8c0:93a1
2600:9000:200c:5c00:e:5a70:ca47:86e1
2600:9000:200c:600:14:85db:2b40:93a1
2600:9000:200c:9000:6:44e3:f8c0:93a1
2606:4700::6810:51a5
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:815::2008
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
2a00:1450:4001:825::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c08::9d
2a00:1450:4016:800::2002
2a03:2880:f02d:5:face:b00c:0:8c
3.8.42.50
3.81.156.77
34.236.39.146
34.255.138.125
35.156.116.54
37.157.2.238
37.157.2.248
37.157.4.23
37.157.4.39
37.157.4.41
37.157.5.71
37.157.5.73
50.112.252.228
52.73.122.138
54.171.229.6
54.194.108.5
54.87.40.42
72.251.249.13
85.14.248.71
85.14.248.72
89.163.155.175
002ffa7b6ffc7bf82c987ea628aa6eda1c0c31eb81dd99437e8121d3fbbc060d
042bb9cee816e9f1234e87f992dadfaff2c083aad7caf07b4f9c99cb8bd03ab0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09e92136722cc5bc66678fe84632704c496f0a6a71c863b645931970e11c7518
0aefd36617e2a42e90cd9f8783c1a062fc166af30db1deab4144a1de137a467d
0c0eebde13799aec2af6faea9ae78fa770d2edc940bd76c509186b2dcddba6d0
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
17d5a993c5200b53af258bd78d243ba1eb36f1f465c51c4c93b9471da09271d6
17fbbd9a5f64634aab44ac1a43ff36f33c19947693a1ed453607a1e6c3683e20
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
1b68464c3a78eaab1170d22c5f8c7e05e5d4472bb97f4aeb046e7da75a5acbd1
1b8919ff8e6615d8b976413f996278a612cdc33e1146e88c8912e4771009441a
1bbca33aef1072be52f91c7ee211a6e64a95afdc1a717061ead67ca4ec14b5ec
201fa9340d59e94de161d7a1dbecd7842b41d6b3b16989ba1247721a62bb5a9e
2168077b5032db690bcc361d9593ed4f931a456652321631075b874d053dc169
241f202f1d13270d31ec74beb40f0c4bbe83d770594661bfef5283654328ddd3
2490bdcbf1b14155d82baeda2b19a0d9f1ea65176ec8f63cba0211520b0e727c
26aef7ee36786de3a601fa9a33fe054b4a5159d51fd2508028b84ec089150ea8
28a5a0d9dcdc8163f5a091e0f352cb31e7bcc81988962e57e7c5f075670a8e56
2a96c24ce951e1ee44b49babdd152dddea60f458ea37d20906fbae0c224bea95
2c92e6c84bd183f1b2f4247e428b80f24314e01510d2670363db744eda780052
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
312396dcd8b00e40f8582d975d9781ba4f16b704ca4bde4369325868cec555d1
3150444160cd50ea6aff92a6d89ffaedc4091d95e7859d89fbc0d0e9325f26c8
32055d9b971d8d2401fef1314f3ab521670dc4d913c65e27279aaa0b85f57e5e
32f23751cab7dde9c6b83b62608f4c9c4305ef1110804252d8f90f6f0e48fcae
3321e1cf8a1cb6ca338022c4ebb4564bffa6329beb39edb83f5c5118659a640e
3594dddc4c1075dba2196d89a8a9c5b1fdc368b96d6a45aa9b9982e172fc3020
365472f0ecba9ca97ae22732ee6125de17bc3c0283a493ec97c25ad4fded8559
37331946ebe92a58b2b8d4450cd84a70866ace5fe639e0cd6456bc598e20a627
39006f0615c356df39cf7e2c143a99a09610355ff5bde65899f298983a7f863f
3a2064a89a5289aabdc634e3c8910bdd63d2a0ba5415429f837ca1ee64d38924
3e3b146e0fb9535ab28473eb8638d74f3ab1aca9bbe2c121b7d4a7c8c84fae2f
3e9e49639e66fdbde4ba888d9178139fce46c20603ce9dc1b4105ecefd8d8fa0
3f18c48166c4fab53b352173d0be42319cdbd1a2d8a447d453b8185305e7ab45
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
41cfb788c9bb160e43348529d7db33e2442c3b7e5b3115396bbf7815ae6c0914
434ec17b7a13904b342198aea47aa11c37eba1819fbb02362251e1f5cafe3cb5
441f0c49b87a86734a4f4d56b139d06cbbfd64639fc844f473cb2b660891d27b
4b9583ba27da3436d5010fe6e134779e09d92d2f0819bc467156684b7b740bd7
4da70a4226a112b27f1c6331e411d3ac85c6a7be51d6a5d23eafd9cb4afadf8a
5042256dc6dcf671500ec76287c84ab3d104654b25a571d21d8b4eb10f0eead8
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
53544633e8f0eac33281a7880dda438d3120640a465d7c3b6d4a02128228ec7f
538d65f6697615f09e318e6ce3368eb2d7883fb0a68a72ff64c7fe50ff3590ea
539f267070b987e53676e9a85c44282779251bb27c553233baf503165a14e7c5
53af528683617a63c431e7603cf4930b149e52eace8c2ac5ef060492614b7139
56e79b5ae7a721d8e53a925474eed50775e12f796acf1b2c25489ad4ca637c00
573f38ce544a609c1edca6ffbc48e3714589b422640bdf50c8a221e4fb17a78d
594ed1b389a5618880ef2283e39157eb6a9bbd2782b138ed7bef33de1a3adbfa
5b2090e5bfdcbe19a1a3be4caf24cbf1ce70a1d0ca14d22b305fdad6f0939bb9
5c8735fe16a9ebf8d932a5b6d71a47aa29ea523a9c76fd750a2764117aee977d
5e4f6bd4b15899c2903ae53ab574d6f41fc14e3c79413d655e42849a4b6105e8
62cb3c9306286683f19ec01207ad1c21767bcf2c81f81e98ef2aec1ed4b84d8b
62ee839db63e3ac5a4bd9c1b2602b7f5eb355a45d3495c8d640872b53f0990b2
63582a6643285117afedb63037f7ee9ea5712632075d87d8d38e7c804654cb24
661a88fc1bbdbe73718f04688c7c482b472292a7b62c8cde74f0bd03715d046f
66863b5d5eb3d2b2b9470a9802cc1e7fd1717e5de7fee06ada3ec7432a792698
6707886c196dc70d005cbef9909e893b54ce71b285450073bc4877323cf774d1
6912876aedbf9a807113a3383b7f0fbe009e6e4ea24466028c8e8034bf41aa19
699e8e3bbc2cebf0b4daae49f70f9715a95f2800377b0a43603888a52badd870
6b3cd19f26b022bfb5f70962432e66c47512ef407c40b88bfba916f00b2c685d
6fb4b3955da69a35b184de332ef9f1f788a2d9cb650da69e2fd3acd621f80d02
6fe81c66801fc5881e89c5b7e3ec23b1deb11ca44e28fec6f28a1b31aac81897
72369b3f50177912d56fb8625e467c343eec71d5f87d71008db98211e9a59199
749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428
783cbd70b0406ef85b18d678acac19392b47ded9363be8778a6c87a5c01dda46
78a382b3bfcf3e21862b2f2a672624b3bb5581624ffe757ce01f777b105fa49a
7af7a15ebe1c1d6774914d3dcce02ef009230a619571709b877abedf9996ce30
805e23104ae299f99a71e669ce3470cd015e0142f9842cd2f0c14b7a795de317
8150271012f78364f9423e56bf9ee8ca72ab98383687515a3f9eea15392c2849
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a71b5c11d65411b88b869b66f9c6a147ec0e4816fd88c5617172a5abd3f22
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8dff7d337a7f072c6cacaadfb8f9abf4e981acad52c30535fdfcd17538a38dd7
8e30b053f0aeeb71ade1da5c70dc663c623f9ce8374ae89f770ed6a1034706a7
8e7ad8de87781f6ad65b36a7d3243b44d80dc182df6af076484a2bec85051550
8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035
95ce2a6bf4e941998bb7fc3a9509bb1596bafbfe714a22ea2a3e5cac303d4d90
986d9ed3ba172123cb10337f060844b5dd4b0067862fd8ca938b471135e0e058
9b231a902d566a8bca35f53f9a78eebf160ccb8b8c155e4b8c89cf7f0470ca54
9bfcf44cec0aba349d09e5e69381cb4756b1be967b06324e1bef5fbb0a1e6997
9ea0faf2840fbbe21ffdff4385c005614968d2e7885a5d45bc9bc074971aab4d
a021ce654376f84d0255e717434af4929d54c2bc23e44dae251915ab6c506165
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fb947946983a05bc7d66e0604ac6af3b2161b010537d7ffa6da7ec305b068c
a3f5cb758d5c1eb7426627ec31a3b8894a0dc53cff4affc2381583cd3751c9cc
a42f1e2803c128feddda9a3ab6420a9df9c76d9662e4434226cc573635e6bf8a
a4d09f41a70ac0a58c932a443700f78aa3573757f25e2f4cfbe41fa651e75919
a6177930c490ae5c08501ba781abb8426277ea34d3b170c020e9a110d3ba86f2
a61bc6f5f174b49a543ba8a4076030645cb575d7817a9b457b0f25f74fa27cdb
a8ab69a3f6ccb19ba0bf4c58b851cc44a19bec189fa6f6c6e536517144e95a17
a9ee32dbc0b44ddd2778c5f64c4231d878b7e3a9be1a81560b2a795466f35e7a
ab480c40525a72ed5918aed50500bbfd7a426f4bc57c4df859872d17e36c73ed
aea1ef3898cf302d58a561aa6b7fdbc1bae9cf6c9d9a26b6e137c18c950f7add
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1002b157eb86eca4e17966f513674fe15ee1a6041949e58b0719ef59f74232e
b3123f9f7cbbceaa7a541d94fa11e9631784f18eba4bbae83aca5f08e1a062de
b3a48acc8e8f9e4c7f533b16ae1c0106e10e18205699f3c70dbd1fcfa6fc1825
b6395e5a708ab6e29f37df37439be682d4a1770720643814f6e63f5dceeae542
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b6b7d95afd0d0332998af3038cea65a0572660828528affcd1ad83f759cadf4d
bc862217960c96ec21d69cf6e8b0fefec24b8a563ded6223714fd3e689ec1d6a
c09111b22d6807c379dd0bb9e5a83176072b8bb4066fa79547b614f225d075ed
c23fbd02a1977a17f5fc2d61d9623ee513ed2085df62925d799c473537aae193
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c351eb35e70a8edb591f1a119951e40929fe5e5d714abf00cc761bb6e7c3e758
c77065166f85629d663d65008141bfcb9309ac44e4789cc8c805808f78effb56
c8a57d46ecdea2f9b6c44ad173b55a269b12243dcf455817b37b5a1913b343ff
d06275a0a1ee6c1ba3352d8f753b2abbe98bdeeb529c5a4fa2c6778e34c13ef9
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d308a9f9a76eacaebd0659717d712a55fe91bda9ce2248eb9ed953fd40e3f725
d3eb45f84aa37cede88d23441d86ec2f1c7998d2c430e9e9baee139a454a6e85
d64cce45f810456b0eb8a996f32964ea77cec7ec26b382641774653e11547257
d99e7e29e860a6c72ad8aed7697834208690f06b4f69ccf15d817570b6e28247
da36e0d1c5201e5171432444d8c3bc8e1f603d822f59978d2a1a561dd376d7bf
db8744ff88d3dbb397fcae717e20b9d2e50bb9d47e9c09af779a18d6bec8f749
dcd65f68ba0f82f4b6602518271647d14263fcc676e3060157b1f319640e33e1
dd03f0c1c3879b4271397d4c35029bda69e52e1d5667fbe0d449a9aec29cc73d
dd5dc43a948913b2023c0bd679355fbe04cbfdd9c6eb92d7ad99ce02a4e6ffa7
e0c39332706a66dc7d4e4eabc862f5878628587923fc87fc75ea794a733679cf
e12bce95e4fe605db7138898e6d70212eeb73e9d8b038b01ba27f53b1d572bfe
e26971e914cd5893852b85cf52c367b0d1a8b043cb47f7b9690cadf59fef08ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee83a38d65a6011c2115bcea2b0af34c8beb0e0285e6926e14fe19a33bd32f3d
ee908d13aabb98ef1e87b0f9814752530d23829658c7f771f7aefc8546e6fa91
eee8f9a3dd1e0e1c29fb91b25a39ce52b381af05a6539e147c7e7e9146f346a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f81c41caef384fb1832d8d8ecab44bc1104b2b2c05c8533add5f33e233ad34
f27722c497f45a369c04808b55c7eb23272f4ceab17a465bc0df613f39d55fb1
f2ac5243eb89ad16fd8f79875a70cabb6676049052fa16993f9adbf08cfb3cd8
f2f7df24c8c4e910f6fbb7c5f92d41abf98aa8505f34b691b9a54a243f130062
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5f5c0769d6387257e427aeb5968a97d9021b4cd2fba181fccbc0fa6a2dc102e
f6629015083fbbe923888d5d5bd1140da7d1960a735f3c6a59ad2fdf18911f39
f6ba203dfa8d19d0aa482274f6658b1fe01a138e1e721c8f5dd085ff66b54057
f8bca1acb3b0908c18c9d2de3bda258416116ae3658cd82c96a340f4d3fed636
f94fa7f03c86ef35e52bbc2595166af7ec64b4ad121a6ff656846c6fe56931d0
fb678340b778adf6c7f2ced35c886c8a08401dae444ec701d31bb860a9a36cf4
fc645e3de9fd2858a229aa311cdd99cddc1a9740ae85be019d096cd4a1cdd98b
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
ff3a4fb373b41e1bf8f8acf31eb10a5ba392808d096e2a668cf99e2d2a9623ac
ffe63b1287f738c8cb0cf80f6aab2f79e82353b182e4f39e53923e628b228e63

duressjhfd.icu Open in urlscan Pro 89.163.155.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

253 Requests

45 %HTTPS

28 %IPv6

37 Domains

57 Subdomains

65 IPs

7 Countries

2617 kBTransfer

6846 kBSize

2 Cookies

64 Outgoing links

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

duressjhfd.icu Open in urlscan Pro
89.163.155.175 Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

45 %
HTTPS

28 %
IPv6

37
Domains

57
Subdomains

65
IPs

7
Countries

2617 kB
Transfer

6846 kB
Size

2
Cookies

253 HTTP transactions
7 data transactions