URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Submission: On December 02 via manual from US

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 19 HTTP transactions. The main IP is 185.221.153.235, located in Moscow, Russian Federation and belongs to RUWEB RuWeb LLC, Moscow, Russia, RU. The main domain is hotinisifididjow.25u.com.
This is the only time hotinisifididjow.25u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address  AS (Autonomous System)
1  185.221.153.235  49189 (RUWEB RuW...)
1  2001:4de0:ac1...  20446 (HIGHWINDS3)
1  23.111.9.35  33438 (HIGHWINDS2)
5 (2 redirects)  2a02:26f0:6c0...  20940 (AKAMAI-ASN1)
1  192.0.72.25  2635 (AUTOMATTIC)
3  13.224.195.156  16509 (AMAZON-02)
1  2606:4700:20:...  13335 (CLOUDFLAR...)
1  2600:9000:215...  16509 (AMAZON-02)
1  151.101.13.164  54113 (FASTLY)
2  143.204.214.74  16509 (AMAZON-02)
1  35.241.35.213  15169 (GOOGLE)
2 (1 redirect)  192.0.72.27  2635 (AUTOMATTIC)
1  2606:4700::68...  13335 (CLOUDFLAR...)
1  184.24.9.121  16625 (AKAMAI-AS)
Total: 19 requests, 14 IPs

Requests  Domain  Requested by
5 (2 redirects)  i.dailymail.co.uk  hotinisifididjow.25u.com
2 (1 redirect)  ronezhiphopcleveland.files.wordpress.com  hotinisifididjow.25u.com
2  d6u22qyv3ngwz.cloudfront.net  hotinisifididjow.25u.com
2  image.cdn.ispot.tv  hotinisifididjow.25u.com
1  www.trbimg.com  hotinisifididjow.25u.com
1  www.enca.com  hotinisifididjow.25u.com
1  d2z1w4aiblvrwu.cloudfront.net  hotinisifididjow.25u.com
1  media.breitbart.com  hotinisifididjow.25u.com
1  static01.nyt.com  hotinisifididjow.25u.com
1  mediadc.brightspotcdn.com  hotinisifididjow.25u.com
1  www.bizpacreview.com  hotinisifididjow.25u.com
1  postmediacanoe.files.wordpress.com  hotinisifididjow.25u.com
1  use.fontawesome.com  hotinisifididjow.25u.com
1  stackpath.bootstrapcdn.com  hotinisifididjow.25u.com
1  hotinisifididjow.25u.com
Total: 19 requests, 15 subdomains

This site contains no links.

TLS certificates (Subject / Issuer / Validity / Valid for)

*.bootstrapcdn.com
  Issuer: Sectigo RSA Domain Validation Secure Server CA
  Validity: 2020-09-22 - 2021-10-12 (a year) [crt.sh]
*.fontawesome.com
  Issuer: DigiCert TLS RSA SHA256 2020 CA1
  Validity: 2020-11-13 - 2021-12-14 (a year) [crt.sh]
secured.dailymail.co.uk
  Issuer: DigiCert Secure Site ECC CA-1
  Validity: 2020-04-29 - 2021-02-18 (10 months) [crt.sh]
*.files.wordpress.com
  Issuer: Sectigo RSA Domain Validation Secure Server CA
  Validity: 2019-01-15 - 2021-01-14 (2 years) [crt.sh]
sni.cloudflaressl.com
  Issuer: Cloudflare Inc ECC CA-3
  Validity: 2020-07-28 - 2021-07-28 (a year) [crt.sh]
mediadc.brightspotcdn.com
  Issuer: Amazon
  Validity: 2020-05-27 - 2021-06-27 (a year) [crt.sh]
nytimes.com
  Issuer: Sectigo RSA Domain Validation Secure Server CA
  Validity: 2020-01-03 - 2022-04-06 (2 years) [crt.sh]
*.cloudfront.net
  Issuer: DigiCert Global CA G2
  Validity: 2020-05-26 - 2021-04-21 (a year) [crt.sh]

This page contains 1 frame:

Primary Page: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Frame ID: E232E60EB14313251F3D5A0C01DB0F11
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 74 %
IPv6: 36 %
Domains: 13
Subdomains: 15
IPs: 14
Countries: 5
Transfer: 2609 kB
Size: 2781 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213000000578-5545609-image-a-56_1522076742857.jpg HTTP 301
  • https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213000000578-5545609-image-a-56_1522076742857.jpg
Request Chain 3
  • http://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93212800000578-5545609-image-a-57_1522076748240.jpg HTTP 301
  • https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93212800000578-5545609-image-a-57_1522076748240.jpg
Request Chain 13
  • http://ronezhiphopcleveland.files.wordpress.com/2018/03/15175743544425.jpg?quality=80&strip=all&w=560&h=320&crop=1 HTTP 301
  • https://ronezhiphopcleveland.files.wordpress.com/2018/03/15175743544425.jpg?quality=80&strip=all&w=560&h=320&crop=1

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request Bartender-in-heineken-commercial.html
hotinisifididjow.25u.com/
15 KB
5 KB
Document
General
Full URL
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Server
185.221.153.235 Moscow, Russian Federation, ASN49189 (RUWEB RuWeb LLC, Moscow, Russia, RU),
Reverse DNS
server3.ru
Software
nginx/1.15.12 /
Resource Hash
5810f8e37facbeaa4933bcada03b388f3d38300686a5d502b3a7a3990560cc20

Request headers

Host
hotinisifididjow.25u.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.15.12
Date
Wed, 02 Dec 2020 18:55:00 GMT
Content-Type
text/html; charset=utf-8
Last-Modified
Thu, 22 Aug 2019 01:21:49 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5d5dee2d-3c68"
Content-Encoding
gzip
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
23 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://hotinisifididjow.25u.com
Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 18:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:40:50 GMT
etag
"1550076050"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23237
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin
http://hotinisifididjow.25u.com
Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 18:54:47 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
4A93213000000578-5545609-image-a-56_1522076742857.jpg
i.dailymail.co.uk/i/newpix/2018/03/26/16/
Redirect Chain
  • http://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213000000578-5545609-image-a-56_1522076742857.jpg
  • https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213000000578-5545609-image-a-56_1522076742857.jpg
34 KB
35 KB
Image
General
Full URL
https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213000000578-5545609-image-a-56_1522076742857.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:297::11ae , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b220c5877fddf35bfa8c551ca173305dcd8f5289429d05c12dae482861b8ec92

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
content-type
image/jpeg
x-amz-request-id
4BD9C7E01DB1F61D
x-amz-meta-mode
33188
content-length
35012
x-amz-id-2
TcQRkGLAJJdBYnu+fNVWF7kAeeB76ps2SzqcAj8Cfp3gPR9qdcwjeWQEDI2Cy+8lTsDKaBRzkog=
last-modified
Tue, 27 Mar 2018 22:13:29 GMT
server
AmazonS3
etag
"5fc5412b29a6eff7f0bb5af34a1b70e6"
x-amz-meta-uid
1001
x-amz-meta-gid
1001
expires
Fri, 01 Jan 2021 18:54:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
date
Wed, 02 Dec 2020 18:54:47 GMT
x-amz-meta-mtime
1522188808

Redirect headers

Date
Wed, 02 Dec 2020 18:54:47 GMT
Server
AkamaiGHost
Location
https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213000000578-5545609-image-a-56_1522076742857.jpg
Cache-Control
max-age=2592000
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Fri, 01 Jan 2021 18:54:47 GMT
4A93212800000578-5545609-image-a-57_1522076748240.jpg
i.dailymail.co.uk/i/newpix/2018/03/26/16/
Redirect Chain
  • http://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93212800000578-5545609-image-a-57_1522076748240.jpg
  • https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93212800000578-5545609-image-a-57_1522076748240.jpg
39 KB
40 KB
Image
General
Full URL
https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93212800000578-5545609-image-a-57_1522076748240.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:297::11ae , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
720633597f8155d53fb6160e8ad7748477b74f8f758ab5f0398a89c3fb5d430d

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
content-type
image/jpeg
x-amz-request-id
7AEAF30CF1F6A8C1
x-amz-meta-mode
33188
content-length
40372
x-amz-id-2
i7O2usxmPJ5Y+0N2A+Cv66wLF4Sse0I8+mEIFyLEJmnM6qCZ9puQTYNELk7HwvQterc4uDKt6Zo=
last-modified
Tue, 27 Mar 2018 22:13:28 GMT
server
AmazonS3
etag
"3bbaa4f2b303e99963162d225983e358"
x-amz-meta-uid
1001
x-amz-meta-gid
1001
expires
Fri, 01 Jan 2021 18:54:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
date
Wed, 02 Dec 2020 18:54:47 GMT
x-amz-meta-mtime
1522188807

Redirect headers

Date
Wed, 02 Dec 2020 18:54:47 GMT
Server
AkamaiGHost
Location
https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93212800000578-5545609-image-a-57_1522076748240.jpg
Cache-Control
max-age=2592000
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Fri, 01 Jan 2021 18:54:47 GMT
heinekenad1000.jpg
postmediacanoe.files.wordpress.com/2018/03/
0
0
Image
General
Full URL
https://postmediacanoe.files.wordpress.com/2018/03/heinekenad1000.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

4A93213700000578-5545609-image-a-58_1522076753402.jpg
i.dailymail.co.uk/i/newpix/2018/03/26/16/
18 KB
18 KB
Image
General
Full URL
https://i.dailymail.co.uk/i/newpix/2018/03/26/16/4A93213700000578-5545609-image-a-58_1522076753402.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:297::11ae , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
720f235132d4af8a05838e419dc767b3dd36cf12b357402d32c822a8909d9791

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
content-type
image/jpeg
x-amz-request-id
0FDE9051C2D55859
x-amz-meta-mode
33188
content-length
18331
x-amz-id-2
WxNOSFVrxvrD43uI3AxpiDWk8WoragLt+E8yJ21+4LXF9VYb13BXw89ER9fatjv2v1qJLjTzQpg=
last-modified
Tue, 27 Mar 2018 22:13:30 GMT
server
AmazonS3
etag
"76e184a2641e13afdb6f5f8106ac58a8"
x-amz-meta-uid
1001
x-amz-meta-gid
1001
expires
Fri, 01 Jan 2021 18:54:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
date
Wed, 02 Dec 2020 18:54:47 GMT
x-amz-meta-mtime
1522188809
heineken-moderate-drinkers-wanted-song-by-bonnie-tyler-large-10.jpg
image.cdn.ispot.tv/ad/AtO3/
233 KB
234 KB
Image
General
Full URL
http://image.cdn.ispot.tv/ad/AtO3/heineken-moderate-drinkers-wanted-song-by-bonnie-tyler-large-10.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Server
13.224.195.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-156.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
586831870ab1cd947c3fe2cefad16e78b48e5ae8e0c73162a1ecb25a2e0381b2

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:48 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified
Sun, 08 Oct 2017 11:51:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
ETag
"c4f1c286e55e40f6ce260cdfb4c02fe1-1"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
238761
X-Amz-Cf-Id
WL0Z3_IXl-VzRffWbGODAk-kSVbaomrPnyV5KTj0q69lm77LDpksoA==
sg-heineken-ad-484-by-265.jpg
www.bizpacreview.com/wp-content/uploads/2018/03/
37 KB
37 KB
Image
General
Full URL
https://www.bizpacreview.com/wp-content/uploads/2018/03/sg-heineken-ad-484-by-265.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c695364660fd629ffbf58ece3fa9adde224ff425b1934c7b4d7772fe43fce504

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 18:54:48 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
37387
cf-request-id
06c667aeca0000177ef6191000000001
pragma
public
last-modified
Wed, 08 Jan 2020 00:54:02 GMT
server
cloudflare
etag
"5e15282a-920b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e%2BgRj3w4UJyb9iGtTQNjUpYuRYdUAPskB1n5XCo6u0lKZvOorrXvzy3TyLJbSZtMOAZiSBk0mMZOV1oNEmmNJTzhhPWlj4lifGp5r%2BmGP%2BvVc%2B0PczEgNjWlJKwaorRscw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5fb7422add52177e-FRA
expires
Thu, 02 Dec 2021 18:54:47 GMT
/
mediadc.brightspotcdn.com/dims4/default/426b354/2147483647/strip/true/crop/1734x929+0+0/resize/1734x929!/quality/90/
66 KB
66 KB
Image
General
Full URL
https://mediadc.brightspotcdn.com/dims4/default/426b354/2147483647/strip/true/crop/1734x929+0+0/resize/1734x929!/quality/90/?url=https%3A%2F%2Fmediadc.brightspotcdn.com%2Fbf%2F3b%2F14778394471ca8cef3805bf20347%2F040818-bacquet-screenshot.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e00:1c:fc5a:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
29e5037159dd65e81d6e0c7ca6863ece8fab3d409ade9761d18770447c92c4e3
Security Headers
Name Value
X-Xss-Protection 1;mode=block;

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 16:53:32 GMT
via
1.1 varnish-v4, 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
age
266475
x-cache
Hit from cloudfront
edge-control
downstream-ttl=31536000
x-varnish-cache-control
max-age=31536000, public
x-varnish-age
0
x-varnish-cache-delivery
MISS
content-length
67435
x-xss-protection
1;mode=block;
server
Apache
x-varnish-edge-control
downstream-ttl=31536000
etag
598d493fe7b8ffb335113d439a370ed7
x-robots-tag
nofollow
x-varnish
2287540
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
PVwPqHKzNzyzRApBxCiWb276ZPpLjrNCUZb6njp5sPf3xpTi7V5cBQ==
expires
Mon, 29 Nov 2021 16:53:32 GMT
29xpheineken2-facebookJumbo.png
static01.nyt.com/images/2018/03/29/us/29xpheineken2/
193 KB
193 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/03/29/us/29xpheineken2/29xpheineken2-facebookJumbo.png
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d0764355b4f48c907b629314b0dff0d907997d4c17975b144e0cc88cb84beca0

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 18:54:47 GMT
via
1.1 varnish, 1.1 varnish
age
33774
x-guploader-uploadid
ABg5-Ux8kJL9MQ2PHqYguyy0Cqm_7089-2nIyn5SJiTRfEmcOaiHCdOk05TNwE5HxVx6f0rqn5jgNQ_nRPdlxuE-epo
x-cache
HIT, MISS
x-goog-storage-class
MULTI_REGIONAL
content-length
197425
x-served-by
cache-bwi5147-BWI, cache-fra19153-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Wed, 28 Mar 2018 18:14:35 GMT
server
UploadServer
x-timer
S1606935288.601138,VS0,VE298
etag
"60cfdff3c8988a8f87b32af9817bba4c"
vary
Origin
x-goog-hash
crc32c=+kC1jw==, md5=YM/f88iYio+Hsyr5gXu6TA==
content-type
image/png
access-control-allow-origin
*
expires
Wed, 02 Dec 2020 09:31:53 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-cache-hits
1, 0
heineken-the-look-featuring-benicio-del-toro-song-by-donovan-small-9.jpg
d6u22qyv3ngwz.cloudfront.net/ad/AmtS/
59 KB
59 KB
Image
General
Full URL
https://d6u22qyv3ngwz.cloudfront.net/ad/AmtS/heineken-the-look-featuring-benicio-del-toro-song-by-donovan-small-9.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-74.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca1ccb7019070a97a86ff14613fae686bdb58b471a08b319b77523760bff343a

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:48 GMT
Via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 02:51:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
ETag
"24cadca33de0fdb9602330a8d8ea769f-1"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60388
X-Amz-Cf-Id
43awbiZgWz4dcvnlqvTf2g756TR7GMcaCbkaoXAiAoReqqM94iqd3Q==
pjimage-44.png
media.breitbart.com/media/2018/03/
698 KB
699 KB
Image
General
Full URL
http://media.breitbart.com/media/2018/03/pjimage-44.png
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Server
35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.35.241.35.bc.googleusercontent.com
Software
shield /
Resource Hash
345e6f60a12264bde488ef16cf019fce43fab55b8d34643e4d545a16f1e8c2da

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:48 GMT
Via
1.1 google, 1.1 google
Last-Modified
Wed, 28 Mar 2018 15:16:13 GMT
Server
shield
ETag
"5abbb1bd-ae9c2"
Content-Type
image/png
X-Shield-Request-Id
53b7228c2a06f3dfaa547b3777ef1953
Cache-Control
max-age=31556926
Accept-Ranges
bytes
Content-Length
715202
heineken-the-look-featuring-benicio-del-toro-song-by-donovan-large-5.jpg
d2z1w4aiblvrwu.cloudfront.net/ad/AmtS/
292 KB
292 KB
Image
General
Full URL
https://d2z1w4aiblvrwu.cloudfront.net/ad/AmtS/heineken-the-look-featuring-benicio-del-toro-song-by-donovan-large-5.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-156.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff8f6768f9d87bb685361321d5115a71dbbba55836401cf94a1ab6047fa03fbf

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:48 GMT
Via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 02:51:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
ETag
"027ef48540becbb1ca9e922092e6c5f1-1"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
298559
X-Amz-Cf-Id
k7GYIl7H-BkF84snN4pGV6R_g4hdEicil1RAPzMTfZCUuDr_tJwGfw==
15175743544425.jpg
ronezhiphopcleveland.files.wordpress.com/2018/03/
Redirect Chain
  • http://ronezhiphopcleveland.files.wordpress.com/2018/03/15175743544425.jpg?quality=80&strip=all&w=560&h=320&crop=1
  • https://ronezhiphopcleveland.files.wordpress.com/2018/03/15175743544425.jpg?quality=80&strip=all&w=560&h=320&crop=1
0
0
Image
General
Full URL
https://ronezhiphopcleveland.files.wordpress.com/2018/03/15175743544425.jpg?quality=80&strip=all&w=560&h=320&crop=1
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://ronezhiphopcleveland.files.wordpress.com/2018/03/15175743544425.jpg?quality=80&strip=all&w=560&h=320&crop=1
Date
Wed, 02 Dec 2020 18:54:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
WEB_PHOTO_HEINEKEN_ADVERT_31032018.JPG
www.enca.com/sites/default/files/styles/facebook/public/
54 KB
55 KB
Image
General
Full URL
https://www.enca.com/sites/default/files/styles/facebook/public/WEB_PHOTO_HEINEKEN_ADVERT_31032018.JPG?itok=HHOJJ67O
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fb038cd7523f9ddd5a330a811de554fee765bbb7bea5c57155990559ed34062
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 18:54:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-cache-hits
2
x-ah-environment
prod
content-length
55254
cf-request-id
06c667afaa0000636bb0226000000001
x-request-id
v-b3672e38-34ad-11eb-8120-6b73321d16f4
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5fb7422c4801636b-FRA
expires
Wed, 16 Dec 2020 14:50:20 GMT
ct-heineken-pulls-light-beer-commercial-20180327
www.trbimg.com/img-5aba643c/turbine/
593 KB
594 KB
Image
General
Full URL
http://www.trbimg.com/img-5aba643c/turbine/ct-heineken-pulls-light-beer-commercial-20180327
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Server
184.24.9.121 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-9-121.deploy.static.akamaitechnologies.com
Software
Apache / Phusion Passenger 5.0.28
Resource Hash
02efdbb98325d2c3e716ab65f1bd1ed89798f1599103c97a06f08c5368340603

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:47 GMT
Last-Modified
Tue, 27 Mar 2018 15:33:16 GMT
Server
Apache
Access-Control-Allow-Origin
*
X-Powered-By
Phusion Passenger 5.0.28
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/png
Status
200 OK
Cache-Control
public, max-age=30844146
Content-Disposition
inline; filename=ct-heineken-pulls-light-beer-commercial-20180327
Connection
keep-alive
Httpd-Identifier
web-df4fd76496c76b746684f5574767c5ed
Access-Control-Allow-Headers
*
Content-Length
607743
heineken-moderate-drinkers-wanted-song-by-bonnie-tyler-large-3.jpg
image.cdn.ispot.tv/ad/AtO3/
201 KB
202 KB
Image
General
Full URL
http://image.cdn.ispot.tv/ad/AtO3/heineken-moderate-drinkers-wanted-song-by-bonnie-tyler-large-3.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Server
13.224.195.156 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-156.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
638a167d81ab5b89de9ce2861b5ae8c752eca4dd324267f9431a7f2b9392570f

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:49 GMT
Via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified
Sun, 08 Oct 2017 11:51:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
ETag
"32dec67ae2ace7d7db3e3b81dc5029f0-1"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
206236
X-Amz-Cf-Id
zsMCef9jMpoGJGYvKOjXsdtC7p_tp-FanLN_2y8iRD-M1zHiMykjmA==
heineken-the-look-featuring-benicio-del-toro-song-by-donovan-small-3.jpg
d6u22qyv3ngwz.cloudfront.net/ad/AmtS/
42 KB
43 KB
Image
General
Full URL
https://d6u22qyv3ngwz.cloudfront.net/ad/AmtS/heineken-the-look-featuring-benicio-del-toro-song-by-donovan-small-3.jpg
Requested by
Host: hotinisifididjow.25u.com
URL: http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-74.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50a744ac2a58348a544704fdd5e3ac737eda7dd9671258eca0be61b53c0de4fb

Request headers

Referer
http://hotinisifididjow.25u.com/Bartender-in-heineken-commercial.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 18:54:49 GMT
Via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 02:51:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
ETag
"b9d9d6985e7c298bdaa21f76fe0f2112-1"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43479
X-Amz-Cf-Id
sU84lFZAtbS3GMjyqTRBuUMw5JjPW99fSDgSjES_Hq-HYTFvFquSIg==

Verdicts & Comments

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • object | trustedTypes
  • boolean | crossOriginIsolated
  • string | b

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
